Telecommunications Industry Signals
Companies that build and operate networks providing voice, data, internet, and broadband services to consumers and businesses.
This is a Naftiko Signals aggregate read of the Telecommunications industry — mined from public workforce signals (job postings, press releases, newsroom content) across 15 companies and matched against Naftiko’s curated vocabulary of services, tools, concepts, and standards across the 44 Naftiko signal groups.
Across 15 companies in Telecommunications we detected 1959 areas, 333 services, 225 tools, and 221 standards — producing an aggregate signal score of 6620.
How to read this page: Impact Report is the narrative read-out for the industry. Companies lists the 15 organizations included in the aggregate. Capabilities are Naftiko agent workflows common to Telecommunications — each one runnable in the Naftiko Framework. Navigation ranks the strategic moves we’d recommend for any company in this vertical. Signals is the aggregate score across every Naftiko signal group, each row linking to its definition. Areas, Services, Tools, and Standards are the raw aggregate detections behind the score. Why? explains the methodology and audience.
Telecommunications Industry Technology Investment Report
| Prepared by Naftiko | May 2026 |
Executive Summary
The Telecommunications industry presents one of the most structurally stratified AI investment landscapes in Naftiko’s coverage universe. Across 5 companies assessed — Qualcomm, Comcast, AT&T, Verizon, and T-Mobile — Qualcomm leads on nearly every scoring dimension by a margin that reflects its dual identity as both a semiconductor company and a telecommunications infrastructure provider. Qualcomm’s Foundational Layer AI score of 94 and Cloud score of 132 place it in the same tier as leading technology-sector companies, while Comcast and AT&T occupy a well-resourced second tier, and Verizon and T-Mobile trail meaningfully across most dimensions. The five-company cohort, while smaller than other Naftiko-covered industries, represents the full range from deeply AI-instrumented to early-stage adoption.
The structural story in Telecommunications is one of network-layer investment creating differentiated AI readiness. Companies with large engineering organizations responsible for running complex distributed infrastructure — Qualcomm, AT&T — have built AI and automation capabilities as operational necessities rather than strategic initiatives. AT&T’s leading positions in Observability (49) and Security (85) reflect the operational demands of running a national wireless and wireline network at scale, where monitoring and security are table-stakes capabilities. The industry’s most notable gap is at the lighter-investment end of the cohort: T-Mobile’s scores across most dimensions are 30–50% of Qualcomm’s, indicating that the industry’s newest major carrier has prioritized network build-out investment over AI-infrastructure depth. As 5G deployments mature and network differentiation compresses, the AI investment gap across this cohort is likely to widen competitive outcomes in the medium term.
Layer 1: Foundational Layer
The Foundational Layer evaluates AI, cloud, open-source, language, and code readiness across 5 Telecommunications companies, with Qualcomm leading on all five scoring areas and Cloud as the strongest absolute dimension across the cohort.
Artificial Intelligence — Top Company: Qualcomm (94)
Qualcomm leads Telecommunications AI adoption with a score of 94, nearly 35 points ahead of second-ranked Comcast (59) and 40 points ahead of AT&T (54). This gap is among the largest first-to-second gaps of any scoring area across all Naftiko-covered industries, reflecting Qualcomm’s unique position as a semiconductor company whose entire product strategy is predicated on on-device AI inference. Verizon (28) and T-Mobile (21) score in the lower quartile, consistent with their more limited AI-engineering organizational investments relative to their capital spend on spectrum and network infrastructure.
Cloud — Top Company: Qualcomm (132)
Qualcomm leads Cloud at 132, with Comcast (105) and AT&T (101) both scoring above 100 — indicating that the top three Telecommunications companies have achieved genuine cloud infrastructure maturity, even as Verizon (66) and T-Mobile (34) remain in earlier stages. The three-way cluster at 100+ is analytically significant: it means that cloud readiness is a clear dividing line within Telecommunications, separating companies with enterprise-grade cloud-native AI deployment capacity from those still in transition. T-Mobile’s score of 34 is particularly notable given its scale, suggesting network-first capital allocation that has left cloud-infrastructure depth underdeveloped.
Open-Source — Top Company: Qualcomm (55)
Qualcomm leads Open-Source at 55, followed by Comcast (43) and AT&T (39), with Verizon (18) and T-Mobile (12) in a materially lower tier. Open-source contribution and consumption patterns in the AI context reflect whether telecommunications companies are building AI capabilities on community-developed foundations — a cost-efficient and technically sophisticated approach. Comcast’s strong open-source score relative to its AI score suggests that its engineering culture has invested in open-source software engineering broadly, even if AI-specific deployment is still catching up.
Languages — Top Company: Qualcomm (53)
Qualcomm leads Languages at 53, followed by Comcast (41) and AT&T (39), with Verizon (29) and T-Mobile (24) in third and fourth tier. The Language-layer distribution mirrors the Cloud and Open-Source patterns, reinforcing a consistent three-tier structure: Qualcomm leading, Comcast and AT&T in a competitive second tier, and Verizon and T-Mobile materially behind. This consistency across foundational dimensions indicates that the investment gap is structural rather than domain-specific.
Code — Top Company: Qualcomm (47)
Qualcomm leads Code at 47, followed by AT&T (40) and Comcast (38), with Verizon (21) and T-Mobile (14) significantly behind. AT&T’s relative strength in Code compared to its AI score suggests that its engineering organization has a strong software development culture — likely developed through its evolution from network operator to software-defined network provider — that has not yet fully translated into AI-specific deployment.
Layer 2: Retrieval & Grounding
The Retrieval & Grounding layer measures vector database, RAG infrastructure, virtualization, and specification investment — the infrastructure layer required for accurate, grounded AI systems in production telecommunications environments.
Data — Top Company: Qualcomm (121)
Qualcomm leads Data at 121, with Comcast (104) and AT&T (94) both scoring in the 90–120 range, indicating substantial data infrastructure investment across the top three. Telecommunications companies generate enormous volumes of network telemetry, customer interaction, and behavioral data, making data infrastructure investment both strategically obvious and operationally critical. Verizon’s score of 59 and T-Mobile’s score of 29 indicate that data infrastructure sophistication within these carriers is still primarily oriented toward operational network management rather than AI-ready data pipelines.
Databases — Top Company: Comcast (32)
Comcast takes the lead in Databases at 32, narrowly ahead of Qualcomm (31) and AT&T (27). This is one of the few dimensions in the Telecommunications cohort where Qualcomm does not hold first position — Comcast’s database-layer investment reflects its large content delivery, subscriber management, and media technology platform, which requires sophisticated database infrastructure beyond the on-device AI focus of Qualcomm. Verizon (14) and T-Mobile (7) lag substantially.
Virtualization — Top Company: Qualcomm (29)
Qualcomm leads Virtualization at 29, ahead of AT&T (23) and Comcast (17). Virtualization investment in the telecommunications context spans network function virtualization, container-based network slicing for 5G, and AI inference workload isolation — all critical for modernizing telecommunications infrastructure. AT&T’s second-place position reflects its long-running network virtualization program, which has been one of the most publicly documented in the industry. Verizon (12) and T-Mobile (8) continue their below-median positioning.
Specifications — Top Company: Qualcomm (10)
Qualcomm leads Specifications at 10, tied with AT&T (9) and Comcast (9) in a compressed top cluster. The low absolute scores reflect that formal API and interface specifications for AI systems remain nascent across Telecommunications, even for the sector’s leaders. In the telecom context, specification discipline is relevant for open-RAN interfaces, network API standardization, and AI model interchange formats — areas where the industry is still establishing standards rather than deploying mature governance.
Context Engineering — Top Company: N/A
Context Engineering does not yield individual company scores in this reporting period. The tool and service signals show consistent adoption of Git, Terraform, Spring Boot, and Semantic Kernel across the five-company cohort, indicating baseline context-management infrastructure investment but not yet differentiated individual company posture.
Layer 3: Customization & Adaptation
The Customization & Adaptation layer captures fine-tuning infrastructure, model lifecycle management, multimodal capabilities, and domain specialization — the capabilities required to build telecommunications-specific AI assets on top of foundation models.
Data Pipelines — Top Company: Qualcomm (11)
Qualcomm leads Data Pipelines at 11, ahead of Comcast (9) and AT&T (8), with Verizon (4) in fourth position and T-Mobile not appearing in the scored tier. The low absolute scores indicate that structured AI fine-tuning pipeline investment is at an early stage across Telecommunications. For carriers, this dimension is strategically important: proprietary network telemetry data represents a potential training advantage for domain-specific models, but capitalizing on that advantage requires ingestion, labeling, and versioning infrastructure that is still being built.
Model Registry & Versioning — Top Company: Qualcomm (23)
Qualcomm leads Model Registry & Versioning at 23, ahead of Comcast (18) and AT&T (13). Model lifecycle management — the ability to version, audit, rollback, and govern deployed models — is increasingly required as telecommunications companies deploy AI across customer service, network operations, and fraud detection. Qualcomm’s lead reflects its semiconductor company heritage, where hardware component versioning and lifecycle governance have always been rigorous practices.
Multimodal Infrastructure — Top Company: Qualcomm (25)
Qualcomm leads Multimodal Infrastructure at 25, ahead of AT&T (17) and Comcast (13), with Verizon and T-Mobile tied at 6. Qualcomm’s multimodal leadership reflects its Snapdragon platform strategy, which specifically targets on-device vision, audio, and language model execution — exactly the multimodal workloads that will define next-generation 5G device capabilities. AT&T’s second position may reflect investment in multimodal customer service systems — voice-plus-visual interaction channels for enterprise and consumer support.
Domain Specialization — Top Company: Qualcomm (2)
Qualcomm leads Domain Specialization at 2, tied with AT&T (2) and Comcast (2) — all three companies sharing the same low score. The universally minimal Domain Specialization scores indicate that telecommunications-specific foundation models — models trained on network telemetry, call records, or spectrum data — are at the very earliest stage of development across the sector. This represents both a current gap and a future differentiation opportunity for carriers who move first to build proprietary, domain-specialized AI assets.
Layer 4: Efficiency & Specialization
The Efficiency & Specialization layer measures operational AI maturity — automation depth, container infrastructure, platform capability, and production operations — the dimensions that distinguish companies deploying AI reliably at scale from those still in pilot mode.
Automation — Top Company: Qualcomm (74)
Qualcomm leads Automation at 74, followed by AT&T (58) and Comcast (50), with Verizon (33) and T-Mobile (19) behind. The 74-point Qualcomm score is consistent with its score in the Technology cohort, confirming that Qualcomm’s automation posture is driven by its engineering culture rather than industry context. AT&T’s strong second position at 58 reflects its network-operations automation investment — an area where AT&T has made public commitments to AI-driven network management as a cost-reduction strategy.
Containers — Top Company: Qualcomm (37)
Qualcomm leads Containers at 37, ahead of Comcast (26) and AT&T (25), with Verizon (23) in a relatively strong fourth position. Verizon’s above-average Container score relative to its other dimensions may reflect specific investments in containerized network functions — a technical requirement for 5G network slicing — that elevate its container posture independently of its broader AI investment profile.
Platform — Top Company: Qualcomm (43)
Qualcomm leads Platform at 43, ahead of Comcast (32) and AT&T (30), with Verizon and T-Mobile significantly behind. Platform capability in the telecommunications context measures the maturity of the AI development and deployment infrastructure a company provides to its internal engineering teams. Qualcomm’s large lead reflects its developer platform investment in Snapdragon and AI Stack tooling, designed to enable both internal and external developers to build on Qualcomm AI infrastructure.
Operations — Top Company: Qualcomm (76)
Qualcomm leads Operations at 76, followed by AT&T (62) and Comcast (55). Operations scores in telecommunications are particularly meaningful because the operational reliability of AI systems must match the availability standards of the network infrastructure they support — typically five-nines uptime requirements. AT&T’s strong Operations score of 62 suggests it has built AI operational practices commensurate with its network operations heritage.
Layer 5: Productivity
The Productivity layer evaluates the degree to which Telecommunications companies are leveraging AI to accelerate software and services delivery, capturing AI return on investment in measurable throughput gains.
Software As A Service (SaaS) — Top Company: Comcast (2)
Comcast leads SaaS at 2, with low absolute scores across the cohort indicating that SaaS-oriented AI deployment is nascent in Telecommunications. Comcast’s leadership here may reflect its Xfinity and Peacock platform businesses, which operate as consumer-facing SaaS products that increasingly incorporate AI personalization and recommendation capabilities. The overall low scores suggest that telecommunications carriers have not yet materially integrated AI into their B2B SaaS product lines.
Code — Top Company: Qualcomm (47)
Qualcomm leads Code productivity at 47, matching its Foundational Layer Code score, confirming consistent engineering investment across dimensions. The Code productivity dimension specifically captures AI-assisted development tooling adoption — an area where Qualcomm’s AI developer tools business gives it natural competitive advantage in deploying AI coding tools internally.
Services — Top Company: Qualcomm (268)
Qualcomm leads Services at 268, a score that reflects its managed services and platform delivery activities alongside AT&T (212) and Comcast (182). The high absolute Services scores across the top three indicate that Telecommunications companies are capturing significant AI productivity in their managed and professional services delivery — consistent with the industry’s evolution from pure infrastructure providers to managed services and solution providers. Verizon (98) and T-Mobile (40) score proportionally lower, reflecting smaller enterprise services businesses.
Layer 6: Integration & Interoperability
The Integration & Interoperability layer evaluates API, event-driven, standards-based, and Apache and CNCF ecosystem investment — the connective tissue required to integrate AI into telecommunications networks and enterprise systems.
API — Top Company: Qualcomm (22)
Qualcomm leads API investment at 22, with AT&T (19) and Comcast (17) in a tight cluster behind. API investment in Telecommunications is strategically significant given the GSMA Open Gateway initiative and the push toward network-as-a-service APIs — a market structure shift that will require telecommunications carriers to expose network capabilities through programmable interfaces. AT&T’s strong second position may reflect its API platform investment as part of its network function programmability strategy.
Integrations — Top Company: Qualcomm (39)
Qualcomm leads Integrations at 39, matching its Technology cohort score exactly, followed by Comcast (28) and AT&T (26). Integration depth in telecommunications spans network management system integration, CRM and BSS/OSS system integration, and increasingly AI model integration across operational technology stacks — a complex multi-system landscape that rewards early integration investment.
Event-Driven — Top Company: Qualcomm (27)
Qualcomm leads Event-Driven architecture at 27, with AT&T (22) and Comcast (20) behind. Event-driven architectures are foundational for network operations AI — real-time alarm management, anomaly detection, and automated remediation all require event-streaming infrastructure. AT&T’s strong second position in this dimension is consistent with its investment in network intelligence platforms.
Patterns — Top Company: Qualcomm (19)
Qualcomm leads Patterns at 19, ahead of AT&T (16) and Comcast (14). Patterns investment reflects adoption of documented, reusable architectural patterns for AI deployment and integration — an organizational maturity indicator more than a technical capability indicator. The relatively compressed scores across this dimension suggest that formal architectural pattern libraries are early-stage across Telecommunications.
Specifications — Top Company: Qualcomm (10)
Qualcomm leads Specifications at 10, tied with AT&T (9) in second, consistent with the Retrieval & Grounding layer Specifications score. The stability of this low score across two layers indicates a structural gap in formal specification practice across Telecommunications that constrains interoperability investment.
Apache — Top Company: Qualcomm (16)
Qualcomm leads Apache ecosystem adoption at 16, with AT&T (13) and Comcast (11) behind. Apache Kafka, Flink, and related streaming frameworks are critical for telecommunications AI data pipelines processing network telemetry at scale. Qualcomm’s lead reflects its data engineering investment, while AT&T’s strong second position is consistent with its known Kafka deployments for network operations analytics.
CNCF — Top Company: Qualcomm (32)
Qualcomm leads CNCF ecosystem adoption at 32, with AT&T (22) and Comcast (20) behind. CNCF investment in Telecommunications maps directly to 5G cloud-native network function deployment — Kubernetes-orchestrated virtualized network functions are the standard architecture for 5G core and edge infrastructure. The industry’s broader CNCF adoption is therefore a network modernization indicator as well as an AI deployment indicator.
Layer 7: Statefulness
The Statefulness layer evaluates how Telecommunications companies maintain observable, governed, secured, and data-managed AI deployments over time at the operational demands of network infrastructure.
Observability — Top Company: AT&T (49)
AT&T leads Observability at 49, narrowly ahead of Qualcomm (44) and Comcast (38) — one of the few dimensions in the Telecommunications cohort where AT&T outranks Qualcomm. AT&T’s observability leadership reflects its long-standing investment in network management systems, which require comprehensive monitoring of distributed infrastructure at national scale. The network operations context makes observability investment both more mature and more deeply embedded in AT&T’s organizational culture than in companies whose primary product is hardware rather than a 24/7 service.
Governance — Top Company: Qualcomm (34)
Qualcomm leads Governance at 34, ahead of Comcast (28) and AT&T (26). Governance scores in the telecommunications context capture AI policy frameworks, model oversight, and accountability structures — capabilities increasingly required as AI is deployed in network operations decisions that affect millions of subscribers. Qualcomm’s governance investment reflects both its technology company culture and the compliance requirements associated with government-adjacent semiconductor markets.
Security — Top Company: AT&T (85)
AT&T leads Security at 85, with Qualcomm (72) and Comcast (62) significantly behind. AT&T’s security leadership is the industry’s clearest example of sector context driving AI investment posture: telecommunications networks are national security infrastructure, and AT&T’s role as a government network operator imposes security investment obligations that shape its entire technology practice. A Security score of 85 places AT&T at the same tier as Cisco in the Technology sector — and Cisco’s business is building security products.
Data — Top Company: Qualcomm (121)
Qualcomm again leads Data at 121, matching its Retrieval & Grounding score — consistent investment across both retrieval and statefulness dimensions. The stability of Qualcomm’s data-layer score indicates infrastructure investment rather than project-specific data work.
Layer 8: Measurement & Accountability
The Measurement & Accountability layer evaluates testing, observability, developer experience, and ROI measurement — the accountability infrastructure required to manage AI programs at telecommunications scale.
Testing & Quality — Top Company: Qualcomm (27)
Qualcomm leads Testing & Quality at 27, followed by AT&T (22) and Comcast (20). Testing rigor in telecommunications AI covers model evaluation, network simulation testing, and production shadow testing — requirements that are particularly stringent given the real-time reliability demands of network operations. Qualcomm’s semiconductor heritage, where testing is a core business-critical competency, contributes to its leadership here.
Observability — Top Company: AT&T (49)
AT&T again leads Observability at 49, consistent with its Layer 7 position. The consistency of AT&T’s observability leadership across both Statefulness and Measurement layers confirms this as an institutional capability rather than a point investment.
Developer Experience — Top Company: AT&T (24)
AT&T leads Developer Experience at 24, ahead of Qualcomm (23) and Comcast (20). Developer experience investment in telecommunications covers internal AI tooling quality, API developer portals, and engineering platform capabilities. AT&T’s leadership here, narrowly ahead of Qualcomm, may reflect investment in its Developer Alliance program and enterprise API platform — outward-facing developer experience investment that also elevates internal engineering productivity metrics.
ROI & Business Metrics — Top Company: Qualcomm (52)
Qualcomm leads ROI & Business Metrics at 52, significantly ahead of AT&T (42) and Comcast (38). ROI measurement in the telecommunications context captures AI cost savings in network operations, revenue attribution for AI-driven customer targeting, and churn reduction metrics tied to AI personalization. Qualcomm’s large lead reflects the commercial pressure on semiconductor companies to demonstrate AI product ROI in customer proposals and investor communications.
Layer 9: Governance & Risk
The Governance & Risk layer assesses regulatory compliance, AI review, security governance, and privacy investment across the Telecommunications cohort — a sector with significant government oversight and national security implications.
Regulatory Posture — Top Company: Comcast (13)
Comcast leads Regulatory Posture at 13, narrowly ahead of Qualcomm (12) and AT&T (11). Comcast’s regulatory leadership reflects its broadband market position, where AI deployment in content recommendation, network management, and customer data usage intersects with FCC, FTC, and net neutrality regulatory frameworks. Managing this regulatory complexity requires investment in AI compliance monitoring that elevates Comcast’s regulatory posture score.
AI Review & Approval — Top Company: Qualcomm (22)
Qualcomm leads AI Review & Approval at 22, ahead of Comcast (18) and AT&T (15). Internal AI review and approval processes are increasingly formalized at telecommunications companies as AI is deployed in customer-facing and network-critical applications. Qualcomm’s lead may reflect the export control and government contracting compliance requirements associated with its semiconductor business, which impose structured product approval workflows that translate into AI governance disciplines.
Security — Top Company: AT&T (85)
AT&T again leads Security at 85, consistent with its Layer 7 score. The governance dimension of AT&T’s security investment — formal security governance frameworks, AI security policies, audit trails — is as strong as its operational security deployment, indicating institutional commitment rather than tactical investment.
Governance — Top Company: Qualcomm (34)
Qualcomm leads Governance at 34, consistent with its Layer 7 position. The stability of Qualcomm’s governance score indicates a formal AI governance program rather than ad hoc policy activity.
Privacy & Data Rights — Top Company: Qualcomm (5)
Qualcomm leads Privacy & Data Rights at 5, ahead of AT&T (4) and Comcast (3). The universally low scores indicate that formal AI privacy infrastructure — consent management, data subject rights in AI contexts, training data provenance — is nascent across Telecommunications. This is a notable gap given the volume of personal behavioral data telecommunications companies process, and it represents a significant regulatory risk as AI privacy frameworks mature.
Layer 10: Economics & Sustainability
The Economics & Sustainability layer evaluates AI cost management, provider strategy, ecosystem partnerships, talent investment, and data center sustainability across the Telecommunications cohort.
AI FinOps — Top Company: Qualcomm (7)
Qualcomm leads AI FinOps at 7, ahead of AT&T (5) and Comcast (4). The low absolute scores indicate that formal AI cost-management practices are early-stage across Telecommunications. For telecommunications companies deploying AI on large-scale inference infrastructure, GPU cost attribution and optimization represent a growing operational finance requirement that has not yet been addressed by formal FinOps programs.
Provider Strategy — Top Company: Qualcomm (15)
Qualcomm leads Provider Strategy at 15, ahead of AT&T (11) and Comcast (10). Provider strategy in the telecommunications context includes management of cloud AI provider relationships, silicon vendor AI roadmaps, and foundation model API contracts. Qualcomm’s lead here reflects its multi-cloud and multi-partner ecosystem positioning, required to serve diverse OEM and carrier customers with heterogeneous AI infrastructure needs.
Partnerships & Ecosystem — Top Company: Qualcomm (20)
Qualcomm leads Partnerships & Ecosystem at 20, ahead of AT&T (16) and Comcast (14). Ecosystem partnership investment in Telecommunications spans AI startup partnerships, hyperscaler co-investment programs, and standards body participation. Qualcomm’s ecosystem leadership is structurally embedded in its chip-vendor business model, which requires dense partnership networks with device manufacturers, carriers, and application developers.
Talent & Organizational Design — Top Company: Qualcomm (14)
Qualcomm leads Talent & Organizational Design at 14, ahead of AT&T (12) and Comcast (11). Talent investment in Telecommunications AI is constrained by competition for AI engineering talent from hyperscalers and technology companies that can offer higher compensation. AT&T and Comcast’s close positioning behind Qualcomm reflects structured upskilling and AI organizational redesign programs that both carriers have publicly announced.
Data Centers — Top Company: N/A
Data Centers does not yield individual company scores in this reporting period, consistent with the Technology cohort. Telecommunications companies are increasingly investing in on-premises AI inference infrastructure for edge and network operations AI, but this investment is not yet differentiated enough in public signals to rank individual companies.
Layer 11: Storytelling & Entertainment & Theater
The Storytelling & Entertainment & Theater layer evaluates strategic alignment, technical standardization, M&A activity, and innovation culture — the organizational capabilities required for sustained AI leadership in a capital-intensive, regulated industry.
Alignment — Top Company: Qualcomm (26)
Qualcomm leads Alignment at 26, ahead of AT&T (22) and Comcast (19). Alignment signals measure how consistently a company’s AI narrative — executive communications, product strategy, engineering priorities — reinforces a coherent strategic direction. Qualcomm’s strong alignment score reflects the clarity of its on-device AI strategy, which provides an unusually coherent narrative thread running through its product launches, investor communications, and engineering publications.
Standardization — Top Company: Qualcomm (12)
Qualcomm leads Standardization at 12, followed by AT&T (10) and Comcast (9). Standardization investment captures participation in AI standards bodies, adoption of model evaluation benchmarks, and implementation of API governance frameworks. AT&T’s strong second position reflects its long-standing engagement in Open RAN and network standards bodies, a participation pattern that extends naturally into AI standards engagement.
Mergers & Acquisitions — Top Company: Qualcomm (17)
Qualcomm leads M&A activity signals at 17, ahead of AT&T (14) and Comcast (12). Telecommunications M&A in the AI domain has focused on AI software companies, network intelligence vendors, and edge AI platform businesses — a pattern of acqui-hire and capability acquisition rather than large-scale infrastructure consolidation. Qualcomm’s M&A leadership reflects acquisitions of AI optimization software companies and edge inference technology businesses that extend its platform capabilities.
Experimentation & Prototyping — Top Company: N/A
Experimentation & Prototyping does not yield individual company scores in this reporting period. Tool signals across the cohort indicate consistent use of Git, Terraform, and cloud-native experimentation infrastructure, suggesting that experimental AI investment is present but not yet differentiated at the individual company level.
Industry Strategic Assessment
The Telecommunications industry’s AI investment landscape is defined by a structural paradox: carriers own the largest repositories of behavioral and network data in the world, yet consistently score below most other industries on data infrastructure maturity and AI deployment depth. The five-company cohort reveals that Qualcomm — technically a semiconductor company that serves the telecommunications market rather than a carrier itself — is the sector’s AI leader by a wide margin. This is analytically important because it indicates that AI investment in the telecommunications value chain is flowing toward the equipment and chip layer rather than the service delivery layer. Carriers that do not close the investment gap with their own infrastructure suppliers risk becoming dependent on vendor-defined AI capabilities rather than building proprietary AI assets from their network data advantages.
AT&T’s leadership in Security (85) and Observability (49) — the two dimensions most directly tied to network operations excellence — points to the path by which telecommunications carriers can build AI advantage through operational data. Network telemetry, anomaly detection, customer behavior analytics, and real-time demand forecasting are use cases where carriers possess inherent data advantages over technology companies. The investment required to convert those data advantages into AI assets — structured data pipelines, fine-tuning infrastructure, domain-specialized models — is exactly what the low Customization & Adaptation scores in this cohort reveal as the sector’s primary strategic gap. Carriers that prioritize data pipeline and model customization investment over the next 18–24 months are best positioned to convert network data assets into defensible AI differentiation.
T-Mobile’s consistently low scores across all 11 layers deserve analytical attention not as an indictment of the company’s overall strategy, but as a leading indicator of competitive vulnerability in an AI-differentiated market. T-Mobile’s successful network build-out gave it cost and coverage competitive parity with AT&T and Verizon; the next competitive dimension is AI-enabled service differentiation, where T-Mobile currently trails. The company’s score structure — Cloud at 34, AI at 21, Automation at 19 — suggests that network-infrastructure investment has absorbed capital that could otherwise support AI capability building. As 5G network differentiation commoditizes and service differentiation becomes the primary competitive variable, T-Mobile’s AI investment posture will require deliberate rebalancing.
Companies — Total:14
- Altice USAFortune 1000 company Altice USA. Public API documentation has not yet been catalogued in the...
- American TowerAmerican Tower Corporation is one of the largest global REITs and a leading independent owner,...
- AT&TOne of the largest telecommunications companies in the world providing wireless, broadband, and business networking...
- Charter CommunicationsCharter Communications, Inc. is a leading broadband connectivity company and cable operator serving more than...
- ComcastA global media and technology conglomerate and the largest cable television and internet provider in...
- EchoStarEchoStar Corporation (Nasdaq: SATS) is a global, fully integrated communications and content delivery leader and...
- Frontier CommunicationsFrontier Communications is a leading communications and technology provider offering broadband internet, video, and voice...
- Lumen TechnologiesLumen Technologies is a multinational technology company that delivers networking, edge cloud, security, communication and...
- QualcommA multinational semiconductor and telecommunications equipment company and the world leader in mobile chipset technology....
- SBA CommunicationsProfile for SBA Communications in the API Evangelist network. Fortune F1000 (rank 994).
- T-MobileA major American wireless network operator and the second-largest carrier in the United States. Known...
- Telephone and Data SystemsTelephone and Data Systems (TDS) is a diversified telecommunications holding company providing broadband, video, and...
- VerizonA leading American telecommunications company providing wireless, broadband, and enterprise network services. Operates one of...
- ViasatProfile for Viasat in the API Evangelist network. Fortune F1000 (rank 972).
Capabilities are Naftiko definitions for how industry-common services, tools, and standards can be combined to deliver business value using AI. Each capability defines the integrations, workflows, and orchestrations available across this vertical — run them with the Naftiko Framework or browse the shipped set in the Naftiko Fleet.
Retrieves detailed information about a Jira issue including status, assignee, and sprint for AT&T engineering teams.
naftiko: '0.5'
info:
label: Jira Issue Detail Lookup
description: Retrieves detailed information about a Jira issue including status, assignee, and sprint for AT&T engineering teams.
tags:
- engineering
- jira
capability:
exposes:
- type: mcp
namespace: eng-tracking
port: 8080
tools:
- name: get-issue-detail
description: Look up a Jira issue by key. Returns summary, status, assignee, and sprint name.
inputParameters:
- name: issue_key
in: body
type: string
description: The Jira issue key.
call: jira.get-issue
with:
issue_key: '{{issue_key}}'
outputParameters:
- name: summary
type: string
mapping: $.fields.summary
- name: status
type: string
mapping: $.fields.status.name
- name: assignee
type: string
mapping: $.fields.assignee.displayName
consumes:
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_password
resources:
- name: issues
path: /issue/{{issue_key}}
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
When a 5G tower reaches capacity threshold, retrieves tower metrics from Datadog, creates a ServiceNow change request for capacity expansion, and notifies network engineering via Microsoft Teams.
naftiko: '0.5'
info:
label: 5G Tower Capacity Alert Handler
description: When a 5G tower reaches capacity threshold, retrieves tower metrics from Datadog, creates a ServiceNow change request for capacity expansion, and notifies network engineering via Microsoft Teams.
tags:
- network
- 5g
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: network-capacity
port: 8080
tools:
- name: handle-tower-capacity-alert
description: Given a tower ID and utilization percentage, handle the capacity alert workflow.
inputParameters:
- name: tower_id
in: body
type: string
description: The 5G tower identifier.
- name: utilization_pct
in: body
type: number
description: Current utilization percentage.
steps:
- name: get-tower-metrics
type: call
call: datadog.get-tower-metrics
with:
tower_id: '{{tower_id}}'
- name: create-change-request
type: call
call: servicenow.create-change-request
with:
short_description: 5G tower {{tower_id}} capacity expansion - {{utilization_pct}}% utilized
category: network
priority: '2'
- name: notify-engineering
type: call
call: teams.post-message
with:
channel_id: network-engineering
text: '5G tower {{tower_id}} at {{utilization_pct}}% capacity. Change request: {{create-change-request.number}}. Peak traffic: {{get-tower-metrics.peak_traffic}}.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: metrics
path: /query
operations:
- name: get-tower-metrics
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Checks the last refresh status and timing of an AT&T Power BI dataset.
naftiko: '0.5'
info:
label: Power BI Report Status Check
description: Checks the last refresh status and timing of an AT&T Power BI dataset.
tags:
- analytics
- power-bi
capability:
exposes:
- type: mcp
namespace: bi-reports
port: 8080
tools:
- name: get-dataset-refresh-status
description: Check the last refresh status of a Power BI dataset. Returns status, start time, and end time.
inputParameters:
- name: dataset_id
in: body
type: string
description: The Power BI dataset ID.
call: powerbi.get-refresh-history
with:
dataset_id: '{{dataset_id}}'
outputParameters:
- name: status
type: string
mapping: $.value[0].status
- name: start_time
type: string
mapping: $.value[0].startTime
- name: end_time
type: string
mapping: $.value[0].endTime
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh-history
method: GET
Posts a notification message to a specified Microsoft Teams channel for AT&T team communications.
naftiko: '0.5'
info:
label: Microsoft Teams Channel Message Post
description: Posts a notification message to a specified Microsoft Teams channel for AT&T team communications.
tags:
- communications
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: team-notifications
port: 8080
tools:
- name: post-channel-message
description: Post a message to a Microsoft Teams channel. Returns message ID and timestamp.
inputParameters:
- name: channel_id
in: body
type: string
description: The Teams channel ID.
- name: message
in: body
type: string
description: The message text to post.
call: teams.post-message
with:
channel_id: '{{channel_id}}'
message: '{{message}}'
outputParameters:
- name: message_id
type: string
mapping: $.id
- name: timestamp
type: string
mapping: $.createdDateTime
consumes:
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: channels
path: /teams/{{channel_id}}/channels/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Audits S3 bucket lifecycle policies for compliance, logs findings in Snowflake, and creates a Jira ticket for non-compliant buckets.
naftiko: '0.5'
info:
label: S3 Data Lifecycle Compliance Checker
description: Audits S3 bucket lifecycle policies for compliance, logs findings in Snowflake, and creates a Jira ticket for non-compliant buckets.
tags:
- cloud
- compliance
- aws
- snowflake
- jira
capability:
exposes:
- type: mcp
namespace: data-lifecycle
port: 8080
tools:
- name: check-s3-compliance
description: Given an S3 bucket name, audit its lifecycle policy and flag compliance gaps.
inputParameters:
- name: bucket_name
in: body
type: string
description: The S3 bucket name to audit.
steps:
- name: get-policy
type: call
call: aws-s3.get-lifecycle
with:
bucket_name: '{{bucket_name}}'
- name: log-finding
type: call
call: snowflake.insert-audit
with:
bucket: '{{bucket_name}}'
policy_status: '{{get-policy.status}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: COMPLIANCE
summary: 'S3 lifecycle non-compliant: {{bucket_name}}'
description: 'Policy status: {{get-policy.status}}. Rules count: {{get-policy.rules_count}}'
consumes:
- type: http
namespace: aws-s3
baseUri: https://s3.amazonaws.com
authentication:
type: apikey
key: Authorization
value: $secrets.aws_auth_token
placement: header
resources:
- name: lifecycle
path: /{{bucket_name}}?lifecycle
operations:
- name: get-lifecycle
method: GET
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-audit
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
Executes a read-only Snowflake query to retrieve subscriber usage analytics for a given market segment.
naftiko: '0.5'
info:
label: Snowflake Subscriber Analytics Query
description: Executes a read-only Snowflake query to retrieve subscriber usage analytics for a given market segment.
tags:
- analytics
- data
- snowflake
capability:
exposes:
- type: mcp
namespace: subscriber-analytics
port: 8080
tools:
- name: query-subscriber-usage
description: Given a market segment code, return the average data usage, peak hour, and subscriber count from Snowflake.
inputParameters:
- name: market_segment
in: body
type: string
description: Market segment code (e.g., SE-ATL, MW-CHI).
call: snowflake.run-query
with:
market_segment: '{{market_segment}}'
outputParameters:
- name: avg_data_gb
type: number
mapping: $.data[0].avg_data_gb
- name: peak_hour
type: string
mapping: $.data[0].peak_hour
- name: subscriber_count
type: number
mapping: $.data[0].subscriber_count
consumes:
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
inputParameters:
- name: market_segment
in: query
operations:
- name: run-query
method: POST
When an Oracle database performance threshold is breached, retrieves metrics from Datadog, creates a ServiceNow incident, and notifies the DBA team via Microsoft Teams.
naftiko: '0.5'
info:
label: Oracle Database Performance Alert Handler
description: When an Oracle database performance threshold is breached, retrieves metrics from Datadog, creates a ServiceNow incident, and notifies the DBA team via Microsoft Teams.
tags:
- database
- performance
- oracle
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: db-performance
port: 8080
tools:
- name: handle-db-performance-alert
description: Given a Datadog alert ID for Oracle database performance, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog monitor alert ID.
- name: db_instance
in: body
type: string
description: Oracle database instance name.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Oracle DB performance: {{db_instance}}'
urgency: '2'
description: '{{get-alert.message}}'
- name: notify-dba
type: call
call: teams.post-message
with:
channel_id: dba-team
text: 'Oracle performance alert: {{db_instance}}. {{get-alert.message}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Scans Box for enterprise contracts nearing expiration, creates a Salesforce task for the account manager, and sends an Outlook email reminder.
naftiko: '0.5'
info:
label: Box Contract Expiry Notification
description: Scans Box for enterprise contracts nearing expiration, creates a Salesforce task for the account manager, and sends an Outlook email reminder.
tags:
- procurement
- contracts
- box
- salesforce
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: contract-alerts
port: 8080
tools:
- name: notify-contract-expiry
description: Given a Box folder ID for contracts, find expiring contracts and notify stakeholders.
inputParameters:
- name: folder_id
in: body
type: string
description: Box folder ID containing contracts.
- name: days_threshold
in: body
type: number
description: Days until expiry threshold.
steps:
- name: search-contracts
type: call
call: box.search-files
with:
folder_id: '{{folder_id}}'
query: expiry
- name: create-task
type: call
call: salesforce.create-task
with:
subject: Contract expiry review — {{search-contracts.file_count}} contracts
due_date: '2026-04-15'
- name: send-reminder
type: call
call: outlook.send-email
with:
to: procurement@att.com
subject: 'Contract expiry alert: {{search-contracts.file_count}} contracts within {{days_threshold}} days'
body: 'Please review the contracts in Box folder. Salesforce task: {{create-task.id}}'
consumes:
- type: http
namespace: box
baseUri: https://api.box.com/2.0
authentication:
type: bearer
token: $secrets.box_token
resources:
- name: files
path: /search
operations:
- name: search-files
method: GET
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: tasks
path: /sobjects/Task
operations:
- name: create-task
method: POST
- type: http
namespace: outlook
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: mail
path: /me/sendMail
operations:
- name: send-email
method: POST
Retrieves metadata and sharing details for a file stored in AT&T Box enterprise account.
naftiko: '0.5'
info:
label: Box File Metadata Lookup
description: Retrieves metadata and sharing details for a file stored in AT&T Box enterprise account.
tags:
- collaboration
- box
capability:
exposes:
- type: mcp
namespace: file-storage
port: 8080
tools:
- name: get-file-metadata
description: Look up Box file metadata by ID. Returns file name, owner, size, and shared link status.
inputParameters:
- name: file_id
in: body
type: string
description: The Box file ID.
call: box.get-file
with:
file_id: '{{file_id}}'
outputParameters:
- name: name
type: string
mapping: $.name
- name: owner
type: string
mapping: $.owned_by.login
- name: size_bytes
type: number
mapping: $.size
consumes:
- type: http
namespace: box
baseUri: https://api.box.com/2.0
authentication:
type: bearer
token: $secrets.box_token
resources:
- name: files
path: /files/{{file_id}}
inputParameters:
- name: file_id
in: path
operations:
- name: get-file
method: GET
When an employee changes roles in Workday, updates their Okta group memberships and notifies the new manager via Slack.
naftiko: '0.5'
info:
label: Workday Role Change Provisioning
description: When an employee changes roles in Workday, updates their Okta group memberships and notifies the new manager via Slack.
tags:
- hr
- identity
- workday
- okta
- slack
capability:
exposes:
- type: mcp
namespace: hr-role-change
port: 8080
tools:
- name: sync-role-change
description: Given a Workday employee ID and new role details, update Okta group assignments and notify the new manager via Slack.
inputParameters:
- name: workday_employee_id
in: body
type: string
description: The Workday worker ID for the employee changing roles.
- name: new_role
in: body
type: string
description: The new job role or title.
- name: new_manager_slack_id
in: body
type: string
description: The Slack user ID of the new manager.
steps:
- name: get-worker
type: call
call: workday-role.get-worker
with:
worker_id: '{{workday_employee_id}}'
- name: update-okta-groups
type: call
call: okta-role.update-user-groups
with:
user_id: '{{get-worker.okta_user_id}}'
department: '{{get-worker.new_department}}'
- name: notify-new-manager
type: call
call: slack-role.post-message
with:
channel: '{{new_manager_slack_id}}'
text: '{{get-worker.full_name}} has joined your team in role: {{new_role}}. Okta access updated.'
consumes:
- type: http
namespace: workday-role
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /att/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-role
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users/{{user_id}}/groups
inputParameters:
- name: user_id
in: path
operations:
- name: update-user-groups
method: PUT
- type: http
namespace: slack-role
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
When a contract renewal date approaches in Salesforce, retrieves account health from Snowflake, generates a renewal proposal summary with OpenAI, and creates a Jira task for the account team.
naftiko: '0.5'
info:
label: Enterprise Contract Renewal Workflow
description: When a contract renewal date approaches in Salesforce, retrieves account health from Snowflake, generates a renewal proposal summary with OpenAI, and creates a Jira task for the account team.
tags:
- sales
- crm
- salesforce
- snowflake
- openai
- jira
capability:
exposes:
- type: mcp
namespace: contract-management
port: 8080
tools:
- name: initiate-contract-renewal
description: Given a Salesforce account ID approaching renewal, orchestrate the renewal preparation workflow.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account ID.
- name: renewal_date
in: body
type: string
description: The contract renewal date.
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
account_id: '{{account_id}}'
- name: get-usage-metrics
type: call
call: snowflake.query-account-usage
with:
account_id: '{{account_id}}'
- name: generate-proposal
type: call
call: openai.chat-completion
with:
prompt: 'Generate a contract renewal proposal summary for {{get-account.name}}, current value ${{get-account.annual_revenue}}, usage trend: {{get-usage-metrics.trend}}, renewal date: {{renewal_date}}.'
- name: create-renewal-task
type: call
call: jira.create-issue
with:
summary: 'Contract renewal: {{get-account.name}} - due {{renewal_date}}'
description: '{{generate-proposal.response}}'
project: SALES
issue_type: Task
consumes:
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
operations:
- name: get-account
method: GET
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: queries
path: /statements
operations:
- name: query-account-usage
method: POST
- type: http
namespace: openai
baseUri: https://api.openai.com/v1
authentication:
type: bearer
token: $secrets.openai_api_key
resources:
- name: completions
path: /chat/completions
operations:
- name: chat-completion
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_password
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
Retrieves the current health status of a specific AT&T service monitored in Datadog.
naftiko: '0.5'
info:
label: Datadog Service Health Check
description: Retrieves the current health status of a specific AT&T service monitored in Datadog.
tags:
- monitoring
- datadog
capability:
exposes:
- type: mcp
namespace: observability
port: 8080
tools:
- name: get-service-health
description: Check the health of an AT&T service in Datadog. Returns overall status, error rate, and latency.
inputParameters:
- name: service_name
in: body
type: string
description: The Datadog service name.
call: datadog.get-service-status
with:
service_name: '{{service_name}}'
outputParameters:
- name: status
type: string
mapping: $.overall_status
- name: error_rate
type: number
mapping: $.error_rate
- name: p99_latency_ms
type: number
mapping: $.p99_latency
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: services
path: /service_map/{{service_name}}
inputParameters:
- name: service_name
in: path
operations:
- name: get-service-status
method: GET
When a qualifying LinkedIn signal occurs for an enterprise prospect, enriches the Salesforce contact and notifies the account executive via Slack.
naftiko: '0.5'
info:
label: Sales Intelligence Enrichment from LinkedIn
description: When a qualifying LinkedIn signal occurs for an enterprise prospect, enriches the Salesforce contact and notifies the account executive via Slack.
tags:
- sales
- crm
- salesforce
- linkedin
- slack
capability:
exposes:
- type: mcp
namespace: sales-intelligence
port: 8080
tools:
- name: enrich-contact-from-linkedin
description: Given a LinkedIn member URN and Salesforce contact ID, fetch the LinkedIn profile, update Salesforce, and notify the account executive via Slack.
inputParameters:
- name: linkedin_member_urn
in: body
type: string
description: The LinkedIn member URN for the contact.
- name: salesforce_contact_id
in: body
type: string
description: The Salesforce contact record ID to enrich.
- name: ae_slack_id
in: body
type: string
description: The Slack user ID of the owning account executive.
steps:
- name: get-linkedin-profile
type: call
call: linkedin.get-profile
with:
member_urn: '{{linkedin_member_urn}}'
- name: enrich-salesforce
type: call
call: salesforce-si.update-contact
with:
contact_id: '{{salesforce_contact_id}}'
title: '{{get-linkedin-profile.headline}}'
linkedin_profile: https://www.linkedin.com/in/{{get-linkedin-profile.vanityName}}
- name: notify-ae
type: call
call: slack-si.post-message
with:
channel: '{{ae_slack_id}}'
text: 'Lead Signal: {{get-linkedin-profile.firstName}} {{get-linkedin-profile.lastName}} | Title: {{get-linkedin-profile.headline}} | Salesforce enriched.'
consumes:
- type: http
namespace: linkedin
baseUri: https://api.linkedin.com/v2
authentication:
type: bearer
token: $secrets.linkedin_token
resources:
- name: profiles
path: /people/{{member_urn}}
inputParameters:
- name: member_urn
in: path
operations:
- name: get-profile
method: GET
- type: http
namespace: salesforce-si
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: contacts
path: /sobjects/Contact/{{contact_id}}
inputParameters:
- name: contact_id
in: path
operations:
- name: update-contact
method: PATCH
- type: http
namespace: slack-si
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves the current health status of AT&T's monitored network infrastructure hosts and active Datadog monitors, returning a consolidated health snapshot.
naftiko: '0.5'
info:
label: Datadog Network Infrastructure Health Check
description: Retrieves the current health status of AT&T's monitored network infrastructure hosts and active Datadog monitors, returning a consolidated health snapshot.
tags:
- observability
- datadog
- monitoring
- network
- infrastructure
capability:
exposes:
- type: mcp
namespace: infra-monitoring
port: 8080
tools:
- name: get-network-health
description: Query Datadog for the current status of all monitored network hosts and active alerts for a given environment. Use for NOC dashboards and incident triage.
inputParameters:
- name: environment
in: body
type: string
description: 'The environment to query: production, staging, or development.'
call: datadog.list-monitors
with:
tags: env:{{environment}}
outputParameters:
- name: monitors
type: array
mapping: $.monitors
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: monitors
path: /monitor
operations:
- name: list-monitors
method: GET
inputParameters:
- name: tags
in: query
Returns current headcount by department and cost center from Workday for workforce planning and cost analysis.
naftiko: '0.5'
info:
label: Payroll Headcount Snapshot
description: Returns current headcount by department and cost center from Workday for workforce planning and cost analysis.
tags:
- hr
- finance
- reporting
- workday
- headcount
capability:
exposes:
- type: mcp
namespace: hr-reporting
port: 8080
tools:
- name: get-headcount-by-department
description: Returns a list of active AT&T employees grouped by department and cost center from Workday. Use for headcount planning, budget reviews, and workforce analytics.
call: workday-hc.headcount-report
outputParameters:
- name: employees
type: array
mapping: $.data
consumes:
- type: http
namespace: workday-hc
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: headcount
path: /att/reports/headcount
operations:
- name: headcount-report
method: GET
When a network service outage is detected via Datadog, creates a ServiceNow major incident, triggers a PagerDuty page for the NOC, and notifies stakeholders in Slack.
naftiko: '0.5'
info:
label: Network Service Outage Response
description: When a network service outage is detected via Datadog, creates a ServiceNow major incident, triggers a PagerDuty page for the NOC, and notifies stakeholders in Slack.
tags:
- network
- itsm
- incident-response
- datadog
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: noc-ops
port: 8080
tools:
- name: handle-network-outage
description: Given a Datadog network alert ID, affected region, and impacted services, create a ServiceNow major incident, trigger a PagerDuty NOC page, and notify stakeholders in Slack.
inputParameters:
- name: alert_id
in: body
type: string
description: The Datadog alert or monitor ID for the network event.
- name: affected_region
in: body
type: string
description: The AT&T network region affected, e.g. Southeast, Midwest.
- name: impacted_services
in: body
type: string
description: Comma-separated list of impacted services, e.g. 5G, Fiber, Business.
- name: estimated_customers_affected
in: body
type: integer
description: Estimated number of customers affected.
steps:
- name: create-major-incident
type: call
call: servicenow-noc.create-incident
with:
short_description: 'Network outage: {{affected_region}} — {{impacted_services}}'
description: 'Alert: {{alert_id}}. Estimated customers affected: {{estimated_customers_affected}}.'
urgency: '1'
impact: '1'
assignment_group: NOC
severity: '1'
- name: page-noc
type: call
call: pagerduty-noc.create-incident
with:
title: 'Network outage: {{affected_region}} — {{impacted_services}}'
service_id: $secrets.pd_noc_service_id
body: 'Estimated {{estimated_customers_affected}} customers affected. Datadog: {{alert_id}}.'
- name: notify-stakeholders
type: call
call: slack-noc.post-message
with:
channel: '#network-outage-bridge'
text: 'OUTAGE: {{affected_region}} | Services: {{impacted_services}} | ~{{estimated_customers_affected}} customers | SNOW: {{create-major-incident.number}} | PD: {{page-noc.incident_number}}'
consumes:
- type: http
namespace: servicenow-noc
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty-noc
baseUri: https://api.pagerduty.com
authentication:
type: apikey
key: Authorization
value: $secrets.pagerduty_token
placement: header
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-noc
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves application performance metrics from New Relic for an AT&T application.
naftiko: '0.5'
info:
label: New Relic Application Performance Lookup
description: Retrieves application performance metrics from New Relic for an AT&T application.
tags:
- monitoring
- new-relic
capability:
exposes:
- type: mcp
namespace: apm
port: 8080
tools:
- name: get-app-performance
description: Look up New Relic application metrics. Returns response time, throughput, and error rate.
inputParameters:
- name: app_id
in: body
type: string
description: The New Relic application ID.
call: newrelic.get-app-metrics
with:
app_id: '{{app_id}}'
outputParameters:
- name: response_time_ms
type: number
mapping: $.application.application_summary.response_time
- name: throughput
type: number
mapping: $.application.application_summary.throughput
- name: error_rate
type: number
mapping: $.application.application_summary.error_rate
consumes:
- type: http
namespace: newrelic
baseUri: https://api.newrelic.com/v2
authentication:
type: apikey
key: Api-Key
value: $secrets.newrelic_api_key
placement: header
resources:
- name: applications
path: /applications/{{app_id}}.json
inputParameters:
- name: app_id
in: path
operations:
- name: get-app-metrics
method: GET
When a new hire is confirmed in Workday, creates a ServiceNow request for IT equipment, provisions Azure AD account, and sends setup instructions via email through Microsoft Graph.
naftiko: '0.5'
info:
label: New Hire IT Equipment Provisioning
description: When a new hire is confirmed in Workday, creates a ServiceNow request for IT equipment, provisions Azure AD account, and sends setup instructions via email through Microsoft Graph.
tags:
- hr
- it-operations
- workday
- servicenow
- azure
- microsoft-graph
capability:
exposes:
- type: mcp
namespace: it-provisioning
port: 8080
tools:
- name: provision-new-hire-equipment
description: Given a Workday employee ID, orchestrate IT equipment provisioning for a new hire.
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday employee ID.
- name: start_date
in: body
type: string
description: The employee start date.
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: '{{employee_id}}'
- name: create-equipment-request
type: call
call: servicenow.create-request
with:
short_description: IT equipment for {{get-employee.full_name}} starting {{start_date}}
category: hardware
assignment_group: IT_Provisioning
- name: create-azure-account
type: call
call: azure.create-user
with:
display_name: '{{get-employee.full_name}}'
mail: '{{get-employee.work_email}}'
department: '{{get-employee.department}}'
- name: send-setup-email
type: call
call: graph.send-mail
with:
to: '{{get-employee.work_email}}'
subject: Welcome to AT&T - IT Setup Instructions
body: Hi {{get-employee.first_name}}, your equipment request {{create-equipment-request.number}} has been submitted. Your Azure account is ready.
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /att/workers/{{worker_id}}
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: requests
path: /table/sc_request
operations:
- name: create-request
method: POST
- type: http
namespace: azure
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.azure_ad_token
resources:
- name: users
path: /users
operations:
- name: create-user
method: POST
- type: http
namespace: graph
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.graph_token
resources:
- name: mail
path: /me/sendMail
operations:
- name: send-mail
method: POST
Correlates Splunk security events with CrowdStrike threat intelligence, creates a ServiceNow security incident, and notifies the SOC via Microsoft Teams.
naftiko: '0.5'
info:
label: Splunk Threat Intelligence Correlator
description: Correlates Splunk security events with CrowdStrike threat intelligence, creates a ServiceNow security incident, and notifies the SOC via Microsoft Teams.
tags:
- security
- threat-intelligence
- splunk
- crowdstrike
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: threat-correlation
port: 8080
tools:
- name: correlate-threat-intel
description: Given a Splunk search ID with suspicious indicators, correlate with threat intel and escalate.
inputParameters:
- name: search_id
in: body
type: string
description: Splunk search job ID.
- name: indicator
in: body
type: string
description: The threat indicator (IP, hash, or domain).
steps:
- name: get-splunk-results
type: call
call: splunk.get-search-results
with:
search_id: '{{search_id}}'
- name: check-threat-intel
type: call
call: crowdstrike.check-indicator
with:
indicator: '{{indicator}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Threat intel match: {{indicator}}'
urgency: '1'
description: 'Splunk hits: {{get-splunk-results.event_count}}. CrowdStrike verdict: {{check-threat-intel.verdict}}'
- name: alert-soc
type: call
call: teams.post-message
with:
channel_id: soc-alerts
text: 'Threat intel match: {{indicator}}. Verdict: {{check-threat-intel.verdict}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: splunk
baseUri: https://splunk.att.com:8089
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: search
path: /services/search/jobs/{{search_id}}/results
operations:
- name: get-search-results
method: GET
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: intel
path: /intel/combined/indicators/v1
operations:
- name: check-indicator
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves a pending expense report from SAP Concur and routes it for manager approval via ServiceNow.
naftiko: '0.5'
info:
label: SAP Concur Expense Report Approval
description: Retrieves a pending expense report from SAP Concur and routes it for manager approval via ServiceNow.
tags:
- finance
- expense-management
- sap-concur
- servicenow
capability:
exposes:
- type: mcp
namespace: expense-mgmt
port: 8080
tools:
- name: process-expense-report
description: Given a SAP Concur expense report ID, retrieve the report details and create a ServiceNow approval task for the manager.
inputParameters:
- name: expense_report_id
in: body
type: string
description: The SAP Concur expense report identifier.
- name: employee_id
in: body
type: string
description: The employee ID submitting the expense report.
steps:
- name: get-expense-report
type: call
call: sap-concur.get-expense-report
with:
report_id: '{{expense_report_id}}'
- name: create-approval-task
type: call
call: servicenow-exp.create-task
with:
short_description: 'Expense approval: {{employee_id}} — {{expense_report_id}}'
description: 'Amount: {{get-expense-report.total_amount}} {{get-expense-report.currency}}.'
assignment_group: Finance_Expense
consumes:
- type: http
namespace: sap-concur
baseUri: https://www.concursolutions.com/api/v3.0
authentication:
type: bearer
token: $secrets.concur_token
resources:
- name: expense-reports
path: /expense/reports/{{report_id}}
inputParameters:
- name: report_id
in: path
operations:
- name: get-expense-report
method: GET
- type: http
namespace: servicenow-exp
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/task
operations:
- name: create-task
method: POST
Retrieves the health status, CPU load, and memory utilization of a network node monitored by SolarWinds at AT&T.
naftiko: '0.5'
info:
label: SolarWinds Node Health Check
description: Retrieves the health status, CPU load, and memory utilization of a network node monitored by SolarWinds at AT&T.
tags:
- monitoring
- network
- solarwinds
capability:
exposes:
- type: mcp
namespace: node-monitoring
port: 8080
tools:
- name: get-node-health
description: Given a SolarWinds node ID, return the node status, CPU load percentage, and memory utilization percentage.
inputParameters:
- name: node_id
in: body
type: string
description: The SolarWinds node ID.
call: solarwinds.get-node
with:
node_id: '{{node_id}}'
outputParameters:
- name: status
type: string
mapping: $.Status
- name: cpu_load
type: number
mapping: $.CPULoad
- name: memory_pct
type: number
mapping: $.PercentMemoryUsed
consumes:
- type: http
namespace: solarwinds
baseUri: https://solarwinds.att.com:17778/SolarWinds/InformationService/v3/Json
authentication:
type: basic
username: $secrets.solarwinds_user
password: $secrets.solarwinds_password
resources:
- name: nodes
path: /Query
inputParameters:
- name: node_id
in: query
operations:
- name: get-node
method: GET
When CrowdStrike detects a high-severity endpoint threat, creates a ServiceNow security incident, isolates the endpoint, and alerts the SOC via Slack.
naftiko: '0.5'
info:
label: CrowdStrike Security Alert Triage
description: When CrowdStrike detects a high-severity endpoint threat, creates a ServiceNow security incident, isolates the endpoint, and alerts the SOC via Slack.
tags:
- security
- crowdstrike
- servicenow
- incident-response
- slack
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: handle-endpoint-detection
description: Given a CrowdStrike detection ID and host ID, create a ServiceNow security incident, contain the host, and alert the AT&T SOC Slack channel.
inputParameters:
- name: detection_id
in: body
type: string
description: The CrowdStrike detection ID.
- name: host_id
in: body
type: string
description: The CrowdStrike host ID for the affected endpoint.
- name: severity
in: body
type: string
description: 'Detection severity: critical, high, medium, or low.'
steps:
- name: create-security-incident
type: call
call: servicenow-soc.create-incident
with:
short_description: CrowdStrike detection {{detection_id}} — {{severity}}
category: security
assignment_group: SOC
urgency: '1'
- name: isolate-host
type: call
call: crowdstrike.contain-host
with:
host_id: '{{host_id}}'
- name: alert-soc
type: call
call: slack-soc.post-message
with:
channel: '#soc-alerts'
text: 'SECURITY: CrowdStrike {{detection_id}} ({{severity}}) on host {{host_id}}. Host isolated. SNOW: {{create-security-incident.number}}.'
consumes:
- type: http
namespace: servicenow-soc
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: host-containment
path: /devices/entities/devices-actions/v2
operations:
- name: contain-host
method: POST
- type: http
namespace: slack-soc
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Coordinates network maintenance by creating a ServiceNow change request, notifying affected teams via Slack, scheduling a Zoom bridge, and updating Confluence with the maintenance plan.
naftiko: '0.5'
info:
label: Network Maintenance Window Coordinator
description: Coordinates network maintenance by creating a ServiceNow change request, notifying affected teams via Slack, scheduling a Zoom bridge, and updating Confluence with the maintenance plan.
tags:
- network
- operations
- servicenow
- slack
- zoom
- confluence
capability:
exposes:
- type: mcp
namespace: maintenance-ops
port: 8080
tools:
- name: coordinate-maintenance-window
description: Given maintenance details, coordinate the full maintenance window workflow.
inputParameters:
- name: region
in: body
type: string
description: The network region for maintenance.
- name: start_time
in: body
type: string
description: Maintenance start time.
- name: duration_hours
in: body
type: number
description: Expected duration in hours.
steps:
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: 'Network maintenance: {{region}} - {{start_time}}'
category: network
planned_start: '{{start_time}}'
- name: create-bridge
type: call
call: zoom.create-meeting
with:
topic: 'Network maintenance bridge: {{region}}'
start_time: '{{start_time}}'
duration: '{{duration_hours}}'
- name: notify-teams
type: call
call: slack.post-message
with:
channel: '#network-maintenance'
text: 'Scheduled maintenance for {{region}} at {{start_time}} ({{duration_hours}}h). CR: {{create-change.number}}. Zoom: {{create-bridge.join_url}}'
- name: update-wiki
type: call
call: confluence.create-page
with:
title: 'Maintenance: {{region}} - {{start_time}}'
body: 'Change request: {{create-change.number}}. Duration: {{duration_hours}}h. Zoom bridge: {{create-bridge.join_url}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: zoom
baseUri: https://api.zoom.us/v2
authentication:
type: bearer
token: $secrets.zoom_token
resources:
- name: meetings
path: /users/me/meetings
operations:
- name: create-meeting
method: POST
- type: http
namespace: slack
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
- type: http
namespace: confluence
baseUri: https://att.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_password
resources:
- name: pages
path: /content
operations:
- name: create-page
method: POST
When Datadog detects network performance degradation, retrieves affected region details, creates a ServiceNow incident, and notifies the NOC team via Slack.
naftiko: '0.5'
info:
label: Network Performance Degradation Response
description: When Datadog detects network performance degradation, retrieves affected region details, creates a ServiceNow incident, and notifies the NOC team via Slack.
tags:
- network
- operations
- datadog
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: network-ops
port: 8080
tools:
- name: handle-network-degradation
description: Given a Datadog alert ID, orchestrate the network degradation response workflow.
inputParameters:
- name: alert_id
in: body
type: string
description: The Datadog alert ID.
- name: region
in: body
type: string
description: The affected network region.
steps:
- name: get-alert-details
type: call
call: datadog.get-alert
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Network degradation in {{region}}: {{get-alert-details.title}}'
category: network
priority: '2'
- name: notify-noc
type: call
call: slack.post-message
with:
channel: '#noc-alerts'
text: 'Network degradation detected in {{region}}. Incident: {{create-incident.number}}. Alert: {{get-alert-details.title}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: alerts
path: /alerts/{{alert_id}}
operations:
- name: get-alert
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: slack
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
When a Zendesk ticket is flagged for escalation, retrieves account details from Salesforce, creates a ServiceNow incident, and notifies the escalation team via Microsoft Teams.
naftiko: '0.5'
info:
label: Customer Service Escalation Handler
description: When a Zendesk ticket is flagged for escalation, retrieves account details from Salesforce, creates a ServiceNow incident, and notifies the escalation team via Microsoft Teams.
tags:
- customer-support
- zendesk
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: customer-escalation
port: 8080
tools:
- name: handle-escalation
description: Given a Zendesk ticket ID and customer account number, escalate the case across systems.
inputParameters:
- name: ticket_id
in: body
type: string
description: The Zendesk ticket ID.
- name: account_number
in: body
type: string
description: The AT&T customer account number.
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
account_number: '{{account_number}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Escalation: Zendesk #{{ticket_id}} — {{get-account.Name}}'
urgency: '2'
impact: '2'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: customer-escalations
text: 'Escalation: {{get-account.Name}} ({{account_number}}). Zendesk: {{ticket_id}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /query
operations:
- name: get-account
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves fiber installation order status from Salesforce, checks technician schedule in ServiceNow, and updates the customer via SMS through the messaging platform.
naftiko: '0.5'
info:
label: Fiber Installation Order Tracker
description: Retrieves fiber installation order status from Salesforce, checks technician schedule in ServiceNow, and updates the customer via SMS through the messaging platform.
tags:
- fiber
- installation
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: fiber-orders
port: 8080
tools:
- name: track-fiber-installation
description: Given a Salesforce order ID, track the fiber installation progress and update the customer.
inputParameters:
- name: order_id
in: body
type: string
description: The Salesforce fiber installation order ID.
steps:
- name: get-order
type: call
call: salesforce.get-order
with:
order_id: '{{order_id}}'
- name: get-tech-schedule
type: call
call: servicenow.get-work-order
with:
order_ref: '{{order_id}}'
- name: send-update
type: call
call: messaging.send-sms
with:
phone: '{{get-order.customer_phone}}'
message: 'AT&T Fiber: Your installation is {{get-tech-schedule.status}}. Technician window: {{get-tech-schedule.scheduled_time}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: orders
path: /sobjects/Order/{{order_id}}
operations:
- name: get-order
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: work-orders
path: /table/wm_order
operations:
- name: get-work-order
method: GET
- type: http
namespace: messaging
baseUri: https://messaging.att.com/api/v1
authentication:
type: bearer
token: $secrets.messaging_api_token
resources:
- name: sms
path: /messages/sms
operations:
- name: send-sms
method: POST
When a candidate applies via LinkedIn Recruiter, enriches their profile in Workday Recruiting and notifies the hiring manager via Slack.
naftiko: '0.5'
info:
label: LinkedIn Talent Acquisition Signal
description: When a candidate applies via LinkedIn Recruiter, enriches their profile in Workday Recruiting and notifies the hiring manager via Slack.
tags:
- hr
- recruiting
- linkedin
- workday
- slack
capability:
exposes:
- type: mcp
namespace: talent-acquisition
port: 8080
tools:
- name: enrich-candidate-profile
description: Given a LinkedIn member URN and Workday job requisition ID, fetch the LinkedIn profile, create the candidate record in Workday, and notify the hiring manager via Slack.
inputParameters:
- name: linkedin_member_urn
in: body
type: string
description: The LinkedIn member URN for the candidate.
- name: job_req_id
in: body
type: string
description: The Workday job requisition ID.
- name: hiring_manager_slack_id
in: body
type: string
description: The Slack user ID of the hiring manager.
steps:
- name: get-linkedin-profile
type: call
call: linkedin.get-profile
with:
member_urn: '{{linkedin_member_urn}}'
- name: create-candidate
type: call
call: workday-recruit.create-candidate
with:
job_req_id: '{{job_req_id}}'
first_name: '{{get-linkedin-profile.firstName}}'
last_name: '{{get-linkedin-profile.lastName}}'
headline: '{{get-linkedin-profile.headline}}'
- name: notify-hiring-manager
type: call
call: slack-recruit.post-message
with:
channel: '{{hiring_manager_slack_id}}'
text: 'New candidate: {{get-linkedin-profile.firstName}} {{get-linkedin-profile.lastName}} applied for req {{job_req_id}}. Workday: {{create-candidate.candidate_id}}.'
consumes:
- type: http
namespace: linkedin
baseUri: https://api.linkedin.com/v2
authentication:
type: bearer
token: $secrets.linkedin_token
resources:
- name: profiles
path: /people/{{member_urn}}
inputParameters:
- name: member_urn
in: path
operations:
- name: get-profile
method: GET
- type: http
namespace: workday-recruit
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: candidates
path: /att/jobRequisitions/{{job_req_id}}/candidates
inputParameters:
- name: job_req_id
in: path
operations:
- name: create-candidate
method: POST
- type: http
namespace: slack-recruit
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
When a ServiceNow post-incident review is completed, extracts lessons learned and updates the relevant Confluence runbook, then notifies the team via Microsoft Teams.
naftiko: '0.5'
info:
label: Confluence Runbook Auto-Updater
description: When a ServiceNow post-incident review is completed, extracts lessons learned and updates the relevant Confluence runbook, then notifies the team via Microsoft Teams.
tags:
- knowledge-management
- servicenow
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: runbook-management
port: 8080
tools:
- name: update-runbook-from-pir
description: Given a ServiceNow incident number from a completed PIR, update the relevant Confluence runbook.
inputParameters:
- name: incident_number
in: body
type: string
description: ServiceNow incident number with completed PIR.
steps:
- name: get-pir
type: call
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
- name: update-runbook
type: call
call: confluence.update-page
with:
page_id: '{{get-pir.runbook_page_id}}'
content: 'Lessons learned from {{incident_number}}: {{get-pir.lessons_learned}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: sre-team
text: 'Runbook updated from PIR: {{incident_number}}. Page: {{get-pir.runbook_page_id}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident/{{incident_number}}
operations:
- name: get-incident
method: GET
- type: http
namespace: confluence
baseUri: https://att.atlassian.net/wiki/api/v2
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /pages/{{page_id}}
operations:
- name: update-page
method: PUT
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves the details and current status of an AT&T customer support ticket from Zendesk.
naftiko: '0.5'
info:
label: Zendesk Customer Ticket Lookup
description: Retrieves the details and current status of an AT&T customer support ticket from Zendesk.
tags:
- customer-support
- zendesk
capability:
exposes:
- type: mcp
namespace: customer-tickets
port: 8080
tools:
- name: get-ticket
description: Given a Zendesk ticket ID, return the subject, status, priority, and requester name.
inputParameters:
- name: ticket_id
in: body
type: string
description: The Zendesk ticket ID.
call: zendesk.get-ticket
with:
ticket_id: '{{ticket_id}}'
outputParameters:
- name: subject
type: string
mapping: $.ticket.subject
- name: status
type: string
mapping: $.ticket.status
- name: priority
type: string
mapping: $.ticket.priority
- name: requester_name
type: string
mapping: $.ticket.requester.name
consumes:
- type: http
namespace: zendesk
baseUri: https://att.zendesk.com/api/v2
authentication:
type: bearer
token: $secrets.zendesk_token
resources:
- name: tickets
path: /tickets/{{ticket_id}}
inputParameters:
- name: ticket_id
in: path
operations:
- name: get-ticket
method: GET
Retrieves details of an upcoming or past Zoom meeting for AT&T employees.
naftiko: '0.5'
info:
label: Zoom Meeting Details Lookup
description: Retrieves details of an upcoming or past Zoom meeting for AT&T employees.
tags:
- communications
- zoom
capability:
exposes:
- type: mcp
namespace: meetings
port: 8080
tools:
- name: get-meeting-details
description: Look up a Zoom meeting by ID. Returns topic, start time, duration, and participant count.
inputParameters:
- name: meeting_id
in: body
type: string
description: The Zoom meeting ID.
call: zoom.get-meeting
with:
meeting_id: '{{meeting_id}}'
outputParameters:
- name: topic
type: string
mapping: $.topic
- name: start_time
type: string
mapping: $.start_time
- name: duration
type: number
mapping: $.duration
consumes:
- type: http
namespace: zoom
baseUri: https://api.zoom.us/v2
authentication:
type: bearer
token: $secrets.zoom_token
resources:
- name: meetings
path: /meetings/{{meeting_id}}
inputParameters:
- name: meeting_id
in: path
operations:
- name: get-meeting
method: GET
Checks the protection status and last seen time of a CrowdStrike-managed endpoint at AT&T.
naftiko: '0.5'
info:
label: CrowdStrike Endpoint Status Check
description: Checks the protection status and last seen time of a CrowdStrike-managed endpoint at AT&T.
tags:
- security
- crowdstrike
capability:
exposes:
- type: mcp
namespace: endpoint-security
port: 8080
tools:
- name: get-endpoint-status
description: Check CrowdStrike protection status for a host. Returns protection status, OS, and last seen timestamp.
inputParameters:
- name: hostname
in: body
type: string
description: The hostname to check.
call: crowdstrike.get-host
with:
hostname: '{{hostname}}'
outputParameters:
- name: protection_status
type: string
mapping: $.status
- name: os_version
type: string
mapping: $.os_version
- name: last_seen
type: string
mapping: $.last_seen
consumes:
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: hosts
path: /devices/queries/devices/v1
operations:
- name: get-host
method: GET
Retrieves the operational status of a Cisco network device managed in AT&T network infrastructure.
naftiko: '0.5'
info:
label: Cisco Network Device Status
description: Retrieves the operational status of a Cisco network device managed in AT&T network infrastructure.
tags:
- network
- cisco
capability:
exposes:
- type: mcp
namespace: network-devices
port: 8080
tools:
- name: get-device-status
description: Check status of a Cisco network device. Returns reachability, uptime, and software version.
inputParameters:
- name: device_id
in: body
type: string
description: The Cisco device ID.
call: cisco.get-device
with:
device_id: '{{device_id}}'
outputParameters:
- name: reachability
type: string
mapping: $.reachabilityStatus
- name: uptime
type: string
mapping: $.upTime
- name: software_version
type: string
mapping: $.softwareVersion
consumes:
- type: http
namespace: cisco
baseUri: https://att-dnac.example.com/dna/intent/api/v1
authentication:
type: bearer
token: $secrets.cisco_dnac_token
resources:
- name: devices
path: /network-device/{{device_id}}
inputParameters:
- name: device_id
in: path
operations:
- name: get-device
method: GET
Executes a predefined query against Snowflake to retrieve AT&T network usage statistics for a given region and date range.
naftiko: '0.5'
info:
label: Snowflake Network Usage Query
description: Executes a predefined query against Snowflake to retrieve AT&T network usage statistics for a given region and date range.
tags:
- data
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: network-analytics
port: 8080
tools:
- name: query-network-usage
description: Query network usage metrics from Snowflake by region and date range. Returns total traffic, peak utilization, and subscriber count.
inputParameters:
- name: region
in: body
type: string
description: The network region code.
- name: start_date
in: body
type: string
description: Start date in ISO 8601.
- name: end_date
in: body
type: string
description: End date in ISO 8601.
call: snowflake.execute-query
with:
region: '{{region}}'
start_date: '{{start_date}}'
end_date: '{{end_date}}'
outputParameters:
- name: total_traffic_gb
type: number
mapping: $.total_traffic_gb
- name: peak_utilization_pct
type: number
mapping: $.peak_utilization_pct
- name: subscriber_count
type: number
mapping: $.subscriber_count
consumes:
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: queries
path: /statements
operations:
- name: execute-query
method: POST
Retrieves a payroll summary for a specified pay period from AT&T ADP.
naftiko: '0.5'
info:
label: ADP Payroll Summary Lookup
description: Retrieves a payroll summary for a specified pay period from AT&T ADP.
tags:
- hr
- payroll
- adp
capability:
exposes:
- type: mcp
namespace: payroll-data
port: 8080
tools:
- name: get-payroll-summary
description: Look up ADP payroll summary by pay period. Returns total gross pay, headcount, and deductions.
inputParameters:
- name: pay_period_id
in: body
type: string
description: The ADP pay period identifier.
call: adp.get-payroll-summary
with:
pay_period_id: '{{pay_period_id}}'
outputParameters:
- name: total_gross
type: number
mapping: $.totalGross
- name: headcount
type: number
mapping: $.headcount
- name: total_deductions
type: number
mapping: $.totalDeductions
consumes:
- type: http
namespace: adp
baseUri: https://api.adp.com/payroll/v1
authentication:
type: bearer
token: $secrets.adp_token
resources:
- name: payroll
path: /pay-periods/{{pay_period_id}}/summary
inputParameters:
- name: pay_period_id
in: path
operations:
- name: get-payroll-summary
method: GET
Coordinates firmware updates across cell towers by verifying current versions, creating a ServiceNow change request, and scheduling the maintenance window in PagerDuty.
naftiko: '0.5'
info:
label: Cell Tower Firmware Update Coordinator
description: Coordinates firmware updates across cell towers by verifying current versions, creating a ServiceNow change request, and scheduling the maintenance window in PagerDuty.
tags:
- network
- 5g
- firmware
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: firmware-management
port: 8080
tools:
- name: coordinate-firmware-update
description: Given a tower ID and target firmware version, coordinate the firmware update workflow.
inputParameters:
- name: tower_id
in: body
type: string
description: The cell tower identifier.
- name: target_version
in: body
type: string
description: Target firmware version.
steps:
- name: get-current-firmware
type: call
call: nms.get-tower-firmware
with:
tower_id: '{{tower_id}}'
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: 'Firmware update: tower {{tower_id}} from {{get-current-firmware.version}} to {{target_version}}'
category: network
priority: '3'
- name: schedule-maintenance
type: call
call: pagerduty.create-maintenance-window
with:
service_id: cell-tower-ops
description: 'Firmware update: {{tower_id}} — CHG: {{create-change.number}}'
consumes:
- type: http
namespace: nms
baseUri: https://nms.att.com/api/v2
authentication:
type: bearer
token: $secrets.nms_token
resources:
- name: towers
path: /towers/{{tower_id}}/firmware
operations:
- name: get-tower-firmware
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: maintenance
path: /maintenance_windows
operations:
- name: create-maintenance-window
method: POST
Aggregates vendor spend data from SAP, refreshes the Power BI dashboard, and posts the report link to the procurement finance channel in Microsoft Teams.
naftiko: '0.5'
info:
label: Quarterly Vendor Spend Report Generator
description: Aggregates vendor spend data from SAP, refreshes the Power BI dashboard, and posts the report link to the procurement finance channel in Microsoft Teams.
tags:
- finance
- procurement
- sap
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vendor-spend
port: 8080
tools:
- name: generate-vendor-spend-report
description: Given a fiscal quarter identifier, aggregate vendor spend and generate the quarterly report.
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: Fiscal quarter identifier (e.g., FY26-Q1).
steps:
- name: get-vendor-spend
type: call
call: sap.get-vendor-spend
with:
fiscal_quarter: '{{fiscal_quarter}}'
- name: refresh-dashboard
type: call
call: powerbi.refresh-dataset
with:
dataset_id: vendor-spend-quarterly
- name: notify-finance
type: call
call: teams.post-message
with:
channel_id: procurement-finance
text: '{{fiscal_quarter}} vendor spend report ready. Total spend: {{get-vendor-spend.total_amount}}. Dashboard refreshed.'
consumes:
- type: http
namespace: sap
baseUri: https://att-s4.sap.com/sap/opu/odata/sap/API_PURCHASING_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: vendor-spend
path: /A_VendorSpend
operations:
- name: get-vendor-spend
method: GET
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /datasets/{{dataset_id}}/refreshes
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Monitors SSL/TLS certificate expiry dates, creates a ServiceNow change request for renewal, and alerts the network security team via Microsoft Teams.
naftiko: '0.5'
info:
label: Network Certificate Expiry Handler
description: Monitors SSL/TLS certificate expiry dates, creates a ServiceNow change request for renewal, and alerts the network security team via Microsoft Teams.
tags:
- security
- certificates
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cert-management
port: 8080
tools:
- name: handle-cert-expiry
description: Given a domain name and certificate expiry date, initiate the renewal workflow.
inputParameters:
- name: domain
in: body
type: string
description: Domain with expiring certificate.
- name: expiry_date
in: body
type: string
description: Certificate expiry date.
- name: days_remaining
in: body
type: number
description: Days until expiry.
steps:
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: 'SSL cert renewal: {{domain}} expires {{expiry_date}}'
category: security
priority: '2'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: network-security
text: 'Certificate expiring: {{domain}} in {{days_remaining}} days. Change: {{create-change.number}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves the provisioning state and subnet configuration of an Azure virtual network used for AT&T cloud infrastructure.
naftiko: '0.5'
info:
label: Azure Virtual Network Status Lookup
description: Retrieves the provisioning state and subnet configuration of an Azure virtual network used for AT&T cloud infrastructure.
tags:
- cloud
- networking
- microsoft-azure
capability:
exposes:
- type: mcp
namespace: azure-networking
port: 8080
tools:
- name: get-vnet-status
description: Given an Azure subscription ID and virtual network name, return its provisioning state and subnet count.
inputParameters:
- name: subscription_id
in: body
type: string
description: Azure subscription ID.
- name: vnet_name
in: body
type: string
description: Virtual network name.
call: azure.get-vnet
with:
subscription_id: '{{subscription_id}}'
vnet_name: '{{vnet_name}}'
outputParameters:
- name: provisioning_state
type: string
mapping: $.properties.provisioningState
- name: subnet_count
type: number
mapping: $.properties.subnets.length
- name: address_space
type: string
mapping: $.properties.addressSpace.addressPrefixes[0]
consumes:
- type: http
namespace: azure
baseUri: https://management.azure.com
authentication:
type: bearer
token: $secrets.azure_token
resources:
- name: vnets
path: /subscriptions/{{subscription_id}}/providers/Microsoft.Network/virtualNetworks/{{vnet_name}}
inputParameters:
- name: subscription_id
in: path
- name: vnet_name
in: path
operations:
- name: get-vnet
method: GET
Audits Okta MFA enrollment compliance, identifies non-compliant users, creates a Jira tracking ticket, and notifies the security team via Microsoft Teams.
naftiko: '0.5'
info:
label: Okta MFA Compliance Audit Workflow
description: Audits Okta MFA enrollment compliance, identifies non-compliant users, creates a Jira tracking ticket, and notifies the security team via Microsoft Teams.
tags:
- security
- identity
- okta
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: mfa-compliance
port: 8080
tools:
- name: audit-mfa-compliance
description: Given a department name, audit MFA enrollment compliance and create tracking items for gaps.
inputParameters:
- name: department
in: body
type: string
description: Department name to audit.
steps:
- name: get-mfa-stats
type: call
call: okta.get-mfa-enrollment
with:
department: '{{department}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: SEC
summary: 'MFA compliance gap: {{department}} — {{get-mfa-stats.non_compliant_count}} users'
description: 'Enrolled: {{get-mfa-stats.enrolled_count}}. Non-compliant: {{get-mfa-stats.non_compliant_count}}.'
- name: notify-security
type: call
call: teams.post-message
with:
channel_id: security-compliance
text: 'MFA audit: {{department}} has {{get-mfa-stats.non_compliant_count}} non-compliant users. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: okta
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: factors
path: /users
operations:
- name: get-mfa-enrollment
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When GitHub Advanced Security finds a critical code scanning alert, creates a Jira security issue and alerts the AppSec team in Slack.
naftiko: '0.5'
info:
label: GitHub Security Scan to Jira
description: When GitHub Advanced Security finds a critical code scanning alert, creates a Jira security issue and alerts the AppSec team in Slack.
tags:
- security
- devops
- github
- jira
- slack
capability:
exposes:
- type: mcp
namespace: appsec
port: 8080
tools:
- name: handle-code-scanning-alert
description: Given a GitHub code scanning alert in an AT&T repository, create a Jira security issue and notify the AppSec Slack channel.
inputParameters:
- name: repo_name
in: body
type: string
description: The GitHub repository in org/repo format.
- name: alert_number
in: body
type: integer
description: The GitHub code scanning alert number.
- name: alert_severity
in: body
type: string
description: 'Alert severity: critical, high, medium, or low.'
- name: rule_description
in: body
type: string
description: The code scanning rule description.
steps:
- name: get-alert
type: call
call: github.get-code-scanning-alert
with:
repo: '{{repo_name}}'
alert_number: '{{alert_number}}'
- name: create-security-issue
type: call
call: jira-appsec.create-issue
with:
project_key: SEC
issuetype: Security Vulnerability
summary: '[{{alert_severity}}] {{rule_description}} in {{repo_name}}'
description: 'GitHub alert #{{alert_number}} in {{repo_name}}. Rule: {{rule_description}}. File: {{get-alert.file_path}}.'
- name: alert-appsec
type: call
call: slack-appsec.post-message
with:
channel: '#appsec-alerts'
text: 'Code Scan Alert: {{repo_name}} | {{alert_severity}} | {{rule_description}} | Jira: {{create-security-issue.key}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: code-scanning-alerts
path: /repos/{{repo}}/code-scanning/alerts/{{alert_number}}
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-code-scanning-alert
method: GET
- type: http
namespace: jira-appsec
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-appsec
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
When a critical CVE is detected by CrowdStrike, identifies affected systems, creates a Jira remediation task, triggers a Terraform patching workflow, and notifies the security team.
naftiko: '0.5'
info:
label: Security Vulnerability Patch Orchestrator
description: When a critical CVE is detected by CrowdStrike, identifies affected systems, creates a Jira remediation task, triggers a Terraform patching workflow, and notifies the security team.
tags:
- security
- crowdstrike
- jira
- terraform
- slack
capability:
exposes:
- type: mcp
namespace: security-remediation
port: 8080
tools:
- name: orchestrate-vulnerability-patching
description: Given a CVE ID, orchestrate the vulnerability patching workflow across affected AT&T systems.
inputParameters:
- name: cve_id
in: body
type: string
description: The CVE identifier.
- name: severity
in: body
type: string
description: The vulnerability severity.
steps:
- name: get-affected-hosts
type: call
call: crowdstrike.get-vulnerable-hosts
with:
cve_id: '{{cve_id}}'
- name: create-remediation-task
type: call
call: jira.create-issue
with:
summary: Patch {{cve_id}} - {{severity}} severity
description: 'Affected hosts: {{get-affected-hosts.count}}. Remediate {{cve_id}}.'
project: SEC
issue_type: Task
- name: trigger-patch-run
type: call
call: terraform.trigger-run
with:
workspace_id: security-patching
message: Patching {{cve_id}} per {{create-remediation-task.key}}
- name: notify-security
type: call
call: slack.post-message
with:
channel: '#security-ops'
text: 'Vulnerability {{cve_id}} patching initiated. Jira: {{create-remediation-task.key}}. Affected hosts: {{get-affected-hosts.count}}. Terraform run: {{trigger-patch-run.run_id}}.'
consumes:
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: vulnerabilities
path: /spotlight/queries/vulnerabilities/v1
operations:
- name: get-vulnerable-hosts
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_password
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: runs
path: /runs
operations:
- name: trigger-run
method: POST
- type: http
namespace: slack
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Syncs benefits enrollment data from ADP to Workday, reconciles discrepancies, and notifies HR via Microsoft Teams when mismatches are found.
naftiko: '0.5'
info:
label: ADP Benefits Enrollment Sync
description: Syncs benefits enrollment data from ADP to Workday, reconciles discrepancies, and notifies HR via Microsoft Teams when mismatches are found.
tags:
- hr
- benefits
- adp
- workday
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: benefits-sync
port: 8080
tools:
- name: sync-benefits-enrollment
description: Given an employee ID, sync benefits enrollment between ADP and Workday and flag mismatches.
inputParameters:
- name: employee_id
in: body
type: string
description: Employee ID to sync.
steps:
- name: get-adp-enrollment
type: call
call: adp.get-benefits
with:
employee_id: '{{employee_id}}'
- name: get-workday-enrollment
type: call
call: workday.get-benefits
with:
employee_id: '{{employee_id}}'
- name: notify-hr
type: call
call: teams.post-message
with:
channel_id: hr-benefits
text: 'Benefits sync for {{employee_id}}: ADP plan: {{get-adp-enrollment.plan_name}}, Workday plan: {{get-workday-enrollment.plan_name}}'
consumes:
- type: http
namespace: adp
baseUri: https://api.adp.com/hr/v2
authentication:
type: bearer
token: $secrets.adp_token
resources:
- name: benefits
path: /workers/{{employee_id}}/benefits
operations:
- name: get-benefits
method: GET
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/att
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: benefits
path: /workers/{{employee_id}}/benefits
operations:
- name: get-benefits
method: GET
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When spectrum utilization exceeds threshold, retrieves metrics from Datadog, creates a capacity planning Jira ticket, and alerts the RF engineering team via Microsoft Teams.
naftiko: '0.5'
info:
label: Wireless Spectrum Capacity Planner
description: When spectrum utilization exceeds threshold, retrieves metrics from Datadog, creates a capacity planning Jira ticket, and alerts the RF engineering team via Microsoft Teams.
tags:
- network
- 5g
- spectrum
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: spectrum-planning
port: 8080
tools:
- name: handle-spectrum-capacity
description: Given a cell site ID and current spectrum utilization, assess capacity and initiate planning workflow.
inputParameters:
- name: cell_site_id
in: body
type: string
description: The cell site identifier.
- name: utilization_pct
in: body
type: number
description: Current spectrum utilization percentage.
steps:
- name: get-site-metrics
type: call
call: datadog.get-site-metrics
with:
cell_site_id: '{{cell_site_id}}'
- name: create-planning-ticket
type: call
call: jira.create-issue
with:
project: RFPLAN
summary: 'Spectrum capacity review: site {{cell_site_id}} at {{utilization_pct}}%'
issue_type: Task
description: 'Peak throughput: {{get-site-metrics.peak_throughput}}'
- name: notify-rf-team
type: call
call: teams.post-message
with:
channel_id: rf-engineering
text: 'Spectrum alert: Site {{cell_site_id}} at {{utilization_pct}}%. Jira: {{create-planning-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: metrics
path: /query
operations:
- name: get-site-metrics
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Generates a daily sprint status digest from Jira and posts it to the engineering Slack channel.
naftiko: '0.5'
info:
label: Jira Sprint Digest Report
description: Generates a daily sprint status digest from Jira and posts it to the engineering Slack channel.
tags:
- devops
- jira
- reporting
- sprint
- slack
capability:
exposes:
- type: mcp
namespace: sprint-reporting
port: 8080
tools:
- name: digest-sprint-status
description: Given a Jira project key and sprint name, fetch all sprint issues and post a summary digest to the engineering Slack channel. Use for daily stand-up prep.
inputParameters:
- name: project_key
in: body
type: string
description: The Jira project key, e.g. NETW or TECH.
- name: sprint_name
in: body
type: string
description: The Jira sprint name to summarize.
- name: slack_channel
in: body
type: string
description: The Slack channel to post the digest to.
steps:
- name: get-sprint-issues
type: call
call: jira-sprint.search-issues
with:
jql: project = {{project_key}} AND sprint = '{{sprint_name}}'
- name: post-digest
type: call
call: slack-sprint.post-message
with:
channel: '{{slack_channel}}'
text: 'Sprint Digest — {{project_key}} / {{sprint_name}}: Total: {{get-sprint-issues.total}} | Done: {{get-sprint-issues.done_count}} | In Progress: {{get-sprint-issues.inprogress_count}} | Blocked: {{get-sprint-issues.blocked_count}}'
consumes:
- type: http
namespace: jira-sprint
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /search
operations:
- name: search-issues
method: GET
inputParameters:
- name: jql
in: query
- type: http
namespace: slack-sprint
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Launches a SailPoint access certification campaign, tracks completion in Jira, and sends compliance summary to the governance team via Microsoft Teams.
naftiko: '0.5'
info:
label: SailPoint Access Certification Campaign
description: Launches a SailPoint access certification campaign, tracks completion in Jira, and sends compliance summary to the governance team via Microsoft Teams.
tags:
- security
- governance
- sailpoint
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: access-certification
port: 8080
tools:
- name: launch-certification-campaign
description: Given a campaign name and scope, launch a SailPoint certification campaign and track it.
inputParameters:
- name: campaign_name
in: body
type: string
description: Access certification campaign name.
- name: department
in: body
type: string
description: Department scope for the campaign.
steps:
- name: create-campaign
type: call
call: sailpoint.create-campaign
with:
name: '{{campaign_name}}'
department: '{{department}}'
- name: create-tracker
type: call
call: jira.create-issue
with:
project: GRC
summary: 'Access certification: {{campaign_name}} — {{department}}'
description: 'Campaign ID: {{create-campaign.id}}. Total reviewers: {{create-campaign.reviewer_count}}'
- name: notify-governance
type: call
call: teams.post-message
with:
channel_id: iam-governance
text: 'Certification campaign launched: {{campaign_name}} for {{department}}. {{create-campaign.reviewer_count}} reviewers. Jira: {{create-tracker.key}}'
consumes:
- type: http
namespace: sailpoint
baseUri: https://att.api.identitynow.com/v3
authentication:
type: bearer
token: $secrets.sailpoint_token
resources:
- name: campaigns
path: /campaigns
operations:
- name: create-campaign
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Looks up the compensation band range and midpoint for a given job profile code in Workday.
naftiko: '0.5'
info:
label: Workday Compensation Band Lookup
description: Looks up the compensation band range and midpoint for a given job profile code in Workday.
tags:
- hr
- compensation
- workday
capability:
exposes:
- type: mcp
namespace: compensation
port: 8080
tools:
- name: get-comp-band
description: Given a Workday job profile code, return the compensation band minimum, midpoint, and maximum.
inputParameters:
- name: job_profile_code
in: body
type: string
description: The Workday job profile code.
call: workday.get-compensation-band
with:
job_profile_code: '{{job_profile_code}}'
outputParameters:
- name: band_min
type: number
mapping: $.Compensation_Band.Minimum
- name: band_mid
type: number
mapping: $.Compensation_Band.Midpoint
- name: band_max
type: number
mapping: $.Compensation_Band.Maximum
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/att
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: compensation
path: /compensationBands/{{job_profile_code}}
inputParameters:
- name: job_profile_code
in: path
operations:
- name: get-compensation-band
method: GET
Creates a ServiceNow change request for network or infrastructure changes and routes it to the CAB board, notifying the requestor in Slack.
naftiko: '0.5'
info:
label: Change Management Approval Workflow
description: Creates a ServiceNow change request for network or infrastructure changes and routes it to the CAB board, notifying the requestor in Slack.
tags:
- itsm
- change-management
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: create-change-request
description: Given change description, type, and risk level, create a ServiceNow change request and notify the requestor via Slack.
inputParameters:
- name: short_description
in: body
type: string
description: Brief description of the change.
- name: change_type
in: body
type: string
description: 'Change type: normal, standard, or emergency.'
- name: risk_level
in: body
type: string
description: 'Risk level: low, medium, high, or critical.'
- name: requestor_slack_id
in: body
type: string
description: The Slack user ID of the change requestor.
steps:
- name: create-cr
type: call
call: servicenow-chg.create-change
with:
short_description: '{{short_description}}'
type: '{{change_type}}'
risk: '{{risk_level}}'
assignment_group: CAB
- name: notify-requestor
type: call
call: slack-chg.post-message
with:
channel: '{{requestor_slack_id}}'
text: 'Change request submitted: {{create-cr.number}}. Type: {{change_type}}. Risk: {{risk_level}}. Pending CAB review.'
consumes:
- type: http
namespace: servicenow-chg
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change
method: POST
- type: http
namespace: slack-chg
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Queries the Cisco DNA Center API to retrieve interface status and throughput for a specified router in the AT&T backbone network.
naftiko: '0.5'
info:
label: Cisco Router Interface Status
description: Queries the Cisco DNA Center API to retrieve interface status and throughput for a specified router in the AT&T backbone network.
tags:
- network
- cisco
capability:
exposes:
- type: mcp
namespace: network-devices
port: 8080
tools:
- name: get-router-interface
description: Given a device hostname and interface name, return the operational status, throughput, and error count.
inputParameters:
- name: device_hostname
in: body
type: string
description: The Cisco router hostname.
- name: interface_name
in: body
type: string
description: The interface name (e.g., GigabitEthernet0/0/1).
call: cisco-dnac.get-interface
with:
device_hostname: '{{device_hostname}}'
interface_name: '{{interface_name}}'
outputParameters:
- name: oper_status
type: string
mapping: $.response.status
- name: throughput_mbps
type: number
mapping: $.response.throughput
- name: error_count
type: number
mapping: $.response.errorCount
consumes:
- type: http
namespace: cisco-dnac
baseUri: https://dnac.att.com/dna/intent/api/v1
authentication:
type: bearer
token: $secrets.cisco_dnac_token
resources:
- name: interfaces
path: /interface
inputParameters:
- name: device_hostname
in: query
operations:
- name: get-interface
method: GET
Searches Splunk for recent security events matching a given source IP address and returns the event count and severity breakdown.
naftiko: '0.5'
info:
label: Splunk Security Event Lookup
description: Searches Splunk for recent security events matching a given source IP address and returns the event count and severity breakdown.
tags:
- security
- siem
- splunk
capability:
exposes:
- type: mcp
namespace: security-events
port: 8080
tools:
- name: search-events-by-ip
description: Given a source IP address, search Splunk for security events in the last 24 hours and return event count and top severity.
inputParameters:
- name: source_ip
in: body
type: string
description: The source IP address to investigate.
call: splunk.search
with:
source_ip: '{{source_ip}}'
outputParameters:
- name: event_count
type: number
mapping: $.results.event_count
- name: top_severity
type: string
mapping: $.results.top_severity
- name: latest_event_time
type: string
mapping: $.results.latest_time
consumes:
- type: http
namespace: splunk
baseUri: https://splunk.att.com:8089
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: search
path: /services/search/jobs/export
inputParameters:
- name: source_ip
in: query
operations:
- name: search
method: GET
When a new compliance document is uploaded to SharePoint, extracts metadata, creates a Jira review task, and notifies the compliance team via Microsoft Teams.
naftiko: '0.5'
info:
label: SharePoint Compliance Document Workflow
description: When a new compliance document is uploaded to SharePoint, extracts metadata, creates a Jira review task, and notifies the compliance team via Microsoft Teams.
tags:
- compliance
- documents
- sharepoint
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: compliance-docs
port: 8080
tools:
- name: process-compliance-document
description: Given a SharePoint document ID, process the compliance document and create review tasks.
inputParameters:
- name: document_id
in: body
type: string
description: SharePoint document ID.
- name: site_id
in: body
type: string
description: SharePoint site ID.
steps:
- name: get-document
type: call
call: sharepoint.get-document
with:
site_id: '{{site_id}}'
document_id: '{{document_id}}'
- name: create-review-task
type: call
call: jira.create-issue
with:
project: COMPLIANCE
summary: 'Review: {{get-document.name}}'
description: 'Document uploaded to SharePoint. Author: {{get-document.author}}. Size: {{get-document.size}}'
- name: notify-compliance
type: call
call: teams.post-message
with:
channel_id: compliance-reviews
text: 'New compliance doc: {{get-document.name}}. Jira: {{create-review-task.key}}'
consumes:
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: documents
path: /sites/{{site_id}}/drive/items/{{document_id}}
operations:
- name: get-document
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Detects BGP routing anomalies via Datadog, correlates with SolarWinds node data, creates a P2 ServiceNow incident, and pages the network operations team.
naftiko: '0.5'
info:
label: Network BGP Route Anomaly Handler
description: Detects BGP routing anomalies via Datadog, correlates with SolarWinds node data, creates a P2 ServiceNow incident, and pages the network operations team.
tags:
- network
- bgp
- datadog
- solarwinds
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: bgp-monitoring
port: 8080
tools:
- name: handle-bgp-anomaly
description: Given a Datadog alert for BGP anomaly, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog BGP anomaly alert ID.
- name: router_ip
in: body
type: string
description: Affected router IP address.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: get-node-info
type: call
call: solarwinds.get-node
with:
ip_address: '{{router_ip}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'BGP anomaly: {{get-node-info.node_name}} ({{router_ip}})'
urgency: '2'
description: 'Alert: {{get-alert.message}}. Node status: {{get-node-info.status}}'
- name: page-noc
type: call
call: pagerduty.create-incident
with:
service_id: network-operations
title: 'BGP anomaly: {{router_ip}} — {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: solarwinds
baseUri: https://solarwinds.att.com:17778/SolarWinds/InformationService/v3/Json
authentication:
type: basic
username: $secrets.solarwinds_user
password: $secrets.solarwinds_password
resources:
- name: nodes
path: /Query
operations:
- name: get-node
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
Retrieves the completion percentage and child issue count for a Jira epic in AT&T engineering projects.
naftiko: '0.5'
info:
label: Jira Epic Progress Lookup
description: Retrieves the completion percentage and child issue count for a Jira epic in AT&T engineering projects.
tags:
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: project-tracking
port: 8080
tools:
- name: get-epic-progress
description: Given a Jira epic key, return the total issues, completed issues, and completion percentage.
inputParameters:
- name: epic_key
in: body
type: string
description: The Jira epic key (e.g., NET-1234).
call: jira.get-epic
with:
epic_key: '{{epic_key}}'
outputParameters:
- name: total_issues
type: number
mapping: $.total
- name: done_issues
type: number
mapping: $.done
- name: completion_pct
type: number
mapping: $.completionPct
consumes:
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: epics
path: /search
inputParameters:
- name: epic_key
in: query
operations:
- name: get-epic
method: GET
When a CloudWatch alarm triggers for EC2 scaling, retrieves instance metrics, logs the event in Splunk, and creates a Jira ticket for capacity review.
naftiko: '0.5'
info:
label: AWS EC2 Auto Scaling Alert Handler
description: When a CloudWatch alarm triggers for EC2 scaling, retrieves instance metrics, logs the event in Splunk, and creates a Jira ticket for capacity review.
tags:
- cloud
- aws
- auto-scaling
- splunk
- jira
capability:
exposes:
- type: mcp
namespace: cloud-scaling
port: 8080
tools:
- name: handle-scaling-alert
description: Given a CloudWatch alarm name and EC2 auto scaling group, handle the scaling event.
inputParameters:
- name: alarm_name
in: body
type: string
description: CloudWatch alarm name.
- name: asg_name
in: body
type: string
description: Auto Scaling Group name.
steps:
- name: get-alarm
type: call
call: cloudwatch.get-alarm
with:
alarm_name: '{{alarm_name}}'
- name: log-event
type: call
call: splunk.index-event
with:
source: cloudwatch
event: 'Auto scaling alert: {{asg_name}} — {{get-alarm.state_reason}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: CLOUD
summary: 'EC2 scaling event: {{asg_name}}'
description: 'Alarm: {{alarm_name}}. Reason: {{get-alarm.state_reason}}'
consumes:
- type: http
namespace: cloudwatch
baseUri: https://monitoring.us-east-1.amazonaws.com
authentication:
type: apikey
key: Authorization
value: $secrets.aws_auth_token
placement: header
resources:
- name: alarms
path: /
operations:
- name: get-alarm
method: GET
- type: http
namespace: splunk
baseUri: https://splunk.att.com:8088
authentication:
type: bearer
token: $secrets.splunk_hec_token
resources:
- name: events
path: /services/collector/event
operations:
- name: index-event
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
When Datadog APM detects a latency spike, retrieves trace data, creates a Jira investigation ticket, and alerts the on-call engineer via PagerDuty.
naftiko: '0.5'
info:
label: Datadog APM Latency Spike Responder
description: When Datadog APM detects a latency spike, retrieves trace data, creates a Jira investigation ticket, and alerts the on-call engineer via PagerDuty.
tags:
- observability
- apm
- datadog
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: apm-response
port: 8080
tools:
- name: handle-latency-spike
description: Given a Datadog APM service name and alert ID, investigate and escalate the latency spike.
inputParameters:
- name: service_name
in: body
type: string
description: The APM service name.
- name: alert_id
in: body
type: string
description: Datadog alert ID.
steps:
- name: get-traces
type: call
call: datadog.get-traces
with:
service_name: '{{service_name}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: SRE
summary: 'Latency spike: {{service_name}}'
description: 'P99 latency: {{get-traces.p99_latency}}ms. Error rate: {{get-traces.error_rate}}%'
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: app-reliability
title: 'Latency spike: {{service_name}} — Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: traces
path: /traces
operations:
- name: get-traces
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
Retrieves a summary of Azure cloud resources deployed under a specific AT&T subscription.
naftiko: '0.5'
info:
label: Azure Resource Inventory Lookup
description: Retrieves a summary of Azure cloud resources deployed under a specific AT&T subscription.
tags:
- cloud
- azure
capability:
exposes:
- type: mcp
namespace: cloud-inventory
port: 8080
tools:
- name: get-resource-inventory
description: List Azure resources for a subscription. Returns resource count by type and total cost estimate.
inputParameters:
- name: subscription_id
in: body
type: string
description: The Azure subscription ID.
call: azure.list-resources
with:
subscription_id: '{{subscription_id}}'
outputParameters:
- name: resource_count
type: number
mapping: $.total_count
- name: resource_types
type: string
mapping: $.type_summary
consumes:
- type: http
namespace: azure
baseUri: https://management.azure.com
authentication:
type: bearer
token: $secrets.azure_token
resources:
- name: resources
path: /subscriptions/{{subscription_id}}/resources
inputParameters:
- name: subscription_id
in: path
operations:
- name: list-resources
method: GET
Looks up an AT&T SAP S/4HANA purchase order by number and returns header status, vendor details, and total value.
naftiko: '0.5'
info:
label: SAP Purchase Order Lookup
description: Looks up an AT&T SAP S/4HANA purchase order by number and returns header status, vendor details, and total value.
tags:
- finance
- procurement
- sap
- erp
capability:
exposes:
- type: mcp
namespace: erp-procurement
port: 8080
tools:
- name: get-purchase-order
description: Look up a SAP S/4HANA purchase order by PO number. Returns status, vendor name, total value, and currency. Use for procurement status checks and invoice matching.
inputParameters:
- name: po_number
in: body
type: string
description: The SAP purchase order number, e.g. 4500034567.
call: sap-erp.get-po
with:
po_number: '{{po_number}}'
outputParameters:
- name: status
type: string
mapping: $.d.OverallStatus
- name: vendor
type: string
mapping: $.d.Supplier.CompanyName
- name: total_value
type: string
mapping: $.d.TotalAmount
- name: currency
type: string
mapping: $.d.TransactionCurrency
consumes:
- type: http
namespace: sap-erp
baseUri: https://att-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: purchase-orders
path: /A_PurchaseOrder('{{po_number}}')
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
outputRawFormat: xml
When a FirstNet priority alert fires, retrieves network capacity data from Datadog, creates a P1 ServiceNow incident, and escalates through PagerDuty to the FirstNet operations team.
naftiko: '0.5'
info:
label: FirstNet Priority Incident Coordinator
description: When a FirstNet priority alert fires, retrieves network capacity data from Datadog, creates a P1 ServiceNow incident, and escalates through PagerDuty to the FirstNet operations team.
tags:
- firstnet
- public-safety
- network
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: firstnet-ops
port: 8080
tools:
- name: handle-firstnet-priority
description: Given a FirstNet alert ID and affected area, coordinate the priority incident response.
inputParameters:
- name: alert_id
in: body
type: string
description: FirstNet priority alert ID.
- name: affected_area
in: body
type: string
description: Geographic area affected.
steps:
- name: get-capacity
type: call
call: datadog.get-firstnet-metrics
with:
area: '{{affected_area}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'FirstNet priority: {{affected_area}}'
urgency: '1'
impact: '1'
description: 'Capacity: {{get-capacity.available_pct}}%. Active first responder sessions: {{get-capacity.active_sessions}}'
- name: escalate
type: call
call: pagerduty.create-incident
with:
service_id: firstnet-ops
title: 'FirstNet P1: {{affected_area}} — {{create-incident.number}}'
urgency: high
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: metrics
path: /query
operations:
- name: get-firstnet-metrics
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
When a New Relic SLO error budget is nearly exhausted, retrieves SLO details, creates a Jira ticket for the owning team, and posts to the reliability channel in Teams.
naftiko: '0.5'
info:
label: New Relic Error Budget Alert Handler
description: When a New Relic SLO error budget is nearly exhausted, retrieves SLO details, creates a Jira ticket for the owning team, and posts to the reliability channel in Teams.
tags:
- reliability
- slo
- new-relic
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: error-budget
port: 8080
tools:
- name: handle-error-budget-alert
description: Given a New Relic SLO ID and remaining error budget percentage, escalate.
inputParameters:
- name: slo_id
in: body
type: string
description: New Relic SLO ID.
- name: remaining_budget_pct
in: body
type: number
description: Remaining error budget percentage.
steps:
- name: get-slo
type: call
call: newrelic.get-slo
with:
slo_id: '{{slo_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: SRE
summary: 'Error budget alert: {{get-slo.name}} — {{remaining_budget_pct}}% remaining'
priority: High
- name: notify-reliability
type: call
call: teams.post-message
with:
channel_id: reliability-engineering
text: 'Error budget alert: {{get-slo.name}} has {{remaining_budget_pct}}% remaining. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: newrelic
baseUri: https://api.newrelic.com/v2
authentication:
type: apikey
key: Api-Key
value: $secrets.newrelic_api_key
placement: header
resources:
- name: slos
path: /slo/{{slo_id}}
operations:
- name: get-slo
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Creates a new Terraform Cloud workspace for AT&T network or infrastructure projects and notifies the infrastructure team in Slack.
naftiko: '0.5'
info:
label: Terraform Cloud Network Infrastructure Provisioning
description: Creates a new Terraform Cloud workspace for AT&T network or infrastructure projects and notifies the infrastructure team in Slack.
tags:
- cloud
- infrastructure
- terraform
- devops
- slack
capability:
exposes:
- type: mcp
namespace: infra-provisioning
port: 8080
tools:
- name: provision-terraform-workspace
description: Given a project name and environment, create a Terraform Cloud workspace for AT&T infrastructure and notify the infrastructure Slack channel.
inputParameters:
- name: project_name
in: body
type: string
description: The project name, e.g. 5g-network-probe or fiber-monitoring.
- name: environment
in: body
type: string
description: 'The deployment environment: dev, staging, or prod.'
steps:
- name: create-workspace
type: call
call: terraform.create-workspace
with:
org: att
name: '{{project_name}}-{{environment}}'
- name: notify-infra
type: call
call: slack-tf.post-message
with:
channel: '#infrastructure-team'
text: 'Terraform workspace created: {{project_name}}-{{environment}}. ID: {{create-workspace.workspace_id}}.'
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: workspaces
path: /organizations/{{org}}/workspaces
inputParameters:
- name: org
in: path
operations:
- name: create-workspace
method: POST
- type: http
namespace: slack-tf
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves the current status and assignment details of a ServiceNow incident ticket at AT&T.
naftiko: '0.5'
info:
label: ServiceNow Incident Status Lookup
description: Retrieves the current status and assignment details of a ServiceNow incident ticket at AT&T.
tags:
- it-operations
- servicenow
capability:
exposes:
- type: mcp
namespace: itsm-incidents
port: 8080
tools:
- name: get-incident-status
description: Look up a ServiceNow incident by number. Returns state, priority, assigned group, and short description.
inputParameters:
- name: incident_number
in: body
type: string
description: The ServiceNow incident number.
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
outputParameters:
- name: state
type: string
mapping: $.state
- name: priority
type: string
mapping: $.priority
- name: assigned_to
type: string
mapping: $.assigned_to
consumes:
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident/{{incident_number}}
inputParameters:
- name: incident_number
in: path
operations:
- name: get-incident
method: GET
Qualifies a Salesforce lead using ZoomInfo enrichment data, converts it to an opportunity, and notifies the assigned sales rep via Microsoft Teams.
naftiko: '0.5'
info:
label: Salesforce Lead to Opportunity Converter
description: Qualifies a Salesforce lead using ZoomInfo enrichment data, converts it to an opportunity, and notifies the assigned sales rep via Microsoft Teams.
tags:
- sales
- crm
- salesforce
- zoominfo
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: lead-conversion
port: 8080
tools:
- name: convert-lead
description: Given a Salesforce lead ID, enrich with ZoomInfo, convert to opportunity, and notify.
inputParameters:
- name: lead_id
in: body
type: string
description: The Salesforce lead ID to convert.
steps:
- name: get-lead
type: call
call: salesforce.get-lead
with:
lead_id: '{{lead_id}}'
- name: enrich-lead
type: call
call: zoominfo.enrich-company
with:
company_name: '{{get-lead.Company}}'
- name: convert-lead
type: call
call: salesforce.convert-lead
with:
lead_id: '{{lead_id}}'
company_size: '{{enrich-lead.employee_count}}'
- name: notify-rep
type: call
call: teams.post-message
with:
channel_id: enterprise-sales
text: 'Lead converted: {{get-lead.Company}} ({{enrich-lead.employee_count}} employees). Opportunity: {{convert-lead.opportunity_id}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead/{{lead_id}}
operations:
- name: get-lead
method: GET
- name: lead-convert
path: /sobjects/Lead/{{lead_id}}/convert
operations:
- name: convert-lead
method: POST
- type: http
namespace: zoominfo
baseUri: https://api.zoominfo.com/v2
authentication:
type: bearer
token: $secrets.zoominfo_token
resources:
- name: companies
path: /enrich/company
operations:
- name: enrich-company
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves application health score and error rate from Dynatrace for an AT&T customer-facing application.
naftiko: '0.5'
info:
label: Dynatrace Application Health Lookup
description: Retrieves application health score and error rate from Dynatrace for an AT&T customer-facing application.
tags:
- observability
- dynatrace
capability:
exposes:
- type: mcp
namespace: app-health
port: 8080
tools:
- name: get-app-health
description: Given a Dynatrace application entity ID, return its health score, error rate, and response time.
inputParameters:
- name: entity_id
in: body
type: string
description: The Dynatrace application entity ID.
call: dynatrace.get-application
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: health_score
type: number
mapping: $.healthScore
- name: error_rate
type: number
mapping: $.errorRate
- name: response_time_ms
type: number
mapping: $.responseTime
consumes:
- type: http
namespace: dynatrace
baseUri: https://att.live.dynatrace.com/api/v2
authentication:
type: bearer
token: $secrets.dynatrace_api_token
resources:
- name: entities
path: /entities/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-application
method: GET
When an employee department transfer is detected in Workday, updates Okta group memberships, adjusts ServiceNow CMDB assignments, and notifies the manager via Teams.
naftiko: '0.5'
info:
label: Workday Org Change Access Sync
description: When an employee department transfer is detected in Workday, updates Okta group memberships, adjusts ServiceNow CMDB assignments, and notifies the manager via Teams.
tags:
- hr
- identity
- workday
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: org-change-sync
port: 8080
tools:
- name: sync-org-change
description: Given an employee ID with a department change, sync access across systems.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday employee ID.
- name: new_department
in: body
type: string
description: New department name.
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
employee_id: '{{employee_id}}'
- name: update-okta-groups
type: call
call: okta.update-user-groups
with:
user_email: '{{get-employee.email}}'
department: '{{new_department}}'
- name: update-cmdb
type: call
call: servicenow.update-user-department
with:
user_email: '{{get-employee.email}}'
department: '{{new_department}}'
- name: notify-manager
type: call
call: teams.post-message
with:
channel_id: hr-notifications
text: 'Org change processed: {{get-employee.name}} moved to {{new_department}}. Okta groups and ServiceNow updated.'
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/att
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /workers/{{employee_id}}
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: groups
path: /users/{{user_email}}/groups
operations:
- name: update-user-groups
method: PUT
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: users
path: /table/sys_user
operations:
- name: update-user-department
method: PATCH
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves employee profile details from Workday including role, department, and manager for AT&T workforce queries.
naftiko: '0.5'
info:
label: Workday Employee Directory Lookup
description: Retrieves employee profile details from Workday including role, department, and manager for AT&T workforce queries.
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: hr-directory
port: 8080
tools:
- name: get-employee-profile
description: Look up an AT&T employee profile by worker ID. Returns name, title, department, and manager.
inputParameters:
- name: worker_id
in: body
type: string
description: The Workday worker ID.
call: workday.get-worker
with:
worker_id: '{{worker_id}}'
outputParameters:
- name: full_name
type: string
mapping: $.Full_Name
- name: title
type: string
mapping: $.Job_Title
- name: department
type: string
mapping: $.Department
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /att/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
Checks the current status and last login time of an Okta user account at AT&T.
naftiko: '0.5'
info:
label: Okta User Status Check
description: Checks the current status and last login time of an Okta user account at AT&T.
tags:
- security
- okta
capability:
exposes:
- type: mcp
namespace: iam-users
port: 8080
tools:
- name: get-user-status
description: Look up an Okta user status by email. Returns account status, last login, and assigned applications count.
inputParameters:
- name: user_email
in: body
type: string
description: The user email address.
call: okta.get-user
with:
user_email: '{{user_email}}'
outputParameters:
- name: status
type: string
mapping: $.status
- name: last_login
type: string
mapping: $.lastLogin
- name: app_count
type: number
mapping: $.app_count
consumes:
- type: http
namespace: okta
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users/{{user_email}}
inputParameters:
- name: user_email
in: path
operations:
- name: get-user
method: GET
When CrowdStrike detects malware, isolates the endpoint, creates a ServiceNow security incident, and notifies the security operations center via Microsoft Teams.
naftiko: '0.5'
info:
label: CrowdStrike Malware Containment Workflow
description: When CrowdStrike detects malware, isolates the endpoint, creates a ServiceNow security incident, and notifies the security operations center via Microsoft Teams.
tags:
- security
- endpoint
- crowdstrike
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: malware-response
port: 8080
tools:
- name: contain-malware-endpoint
description: Given a CrowdStrike detection ID, contain the endpoint and escalate.
inputParameters:
- name: detection_id
in: body
type: string
description: CrowdStrike detection ID.
steps:
- name: get-detection
type: call
call: crowdstrike.get-detection
with:
detection_id: '{{detection_id}}'
- name: isolate-host
type: call
call: crowdstrike.contain-host
with:
host_id: '{{get-detection.host_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Malware: {{get-detection.malware_name}} on {{get-detection.hostname}}'
urgency: '1'
category: security
- name: alert-soc
type: call
call: teams.post-message
with:
channel_id: soc-alerts
text: 'Malware contained: {{get-detection.hostname}}. Detection: {{get-detection.malware_name}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: detections
path: /detects/entities/summaries/GET/v1
operations:
- name: get-detection
method: POST
- name: hosts
path: /hosts/entities/host-actions/v1
operations:
- name: contain-host
method: POST
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a Snowflake data quality check fails for network or customer data, opens a Jira issue and notifies the data engineering Slack channel.
naftiko: '0.5'
info:
label: Snowflake Data Quality Alert
description: When a Snowflake data quality check fails for network or customer data, opens a Jira issue and notifies the data engineering Slack channel.
tags:
- data
- analytics
- snowflake
- jira
- data-quality
- slack
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: handle-data-quality-failure
description: Given a Snowflake table and failed data quality check name, open a Jira data quality issue and notify the data engineering Slack channel.
inputParameters:
- name: table_name
in: body
type: string
description: The fully qualified Snowflake table that failed the quality check.
- name: check_name
in: body
type: string
description: The data quality check name that failed.
- name: failure_detail
in: body
type: string
description: Description of what failed and relevant metrics.
steps:
- name: create-dq-issue
type: call
call: jira-dq.create-issue
with:
project_key: DATA
issuetype: Bug
summary: '[DQ Failure] {{table_name}} — {{check_name}}'
description: 'Data quality check {{check_name}} failed on {{table_name}}. Detail: {{failure_detail}}.'
- name: notify-data-team
type: call
call: slack-dq.post-message
with:
channel: '#data-engineering-alerts'
text: 'Data Quality Failure: {{table_name}} | Check: {{check_name}} | Jira: {{create-dq-issue.key}}'
consumes:
- type: http
namespace: jira-dq
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-dq
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
After a DNS change is deployed, queries Datadog for DNS resolution metrics, verifies propagation, and updates the ServiceNow change request with results.
naftiko: '0.5'
info:
label: DNS Change Propagation Verifier
description: After a DNS change is deployed, queries Datadog for DNS resolution metrics, verifies propagation, and updates the ServiceNow change request with results.
tags:
- network
- dns
- datadog
- servicenow
capability:
exposes:
- type: mcp
namespace: dns-ops
port: 8080
tools:
- name: verify-dns-propagation
description: Given a change request number and domain name, verify DNS propagation and update the change record.
inputParameters:
- name: change_number
in: body
type: string
description: ServiceNow change request number.
- name: domain
in: body
type: string
description: The domain name to verify.
steps:
- name: get-dns-metrics
type: call
call: datadog.query-metrics
with:
query: dns.resolution_time{domain:{{domain}}}
- name: update-change
type: call
call: servicenow.update-change-request
with:
change_number: '{{change_number}}'
work_notes: 'DNS propagation verified. Resolution time: {{get-dns-metrics.avg_value}}ms across {{get-dns-metrics.point_count}} probes.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request/{{change_number}}
operations:
- name: update-change-request
method: PATCH
Queries Snowflake for customer usage patterns, enriches with Salesforce account data, generates a churn risk score using OpenAI, and posts the assessment to the account team Slack channel.
naftiko: '0.5'
info:
label: Customer Churn Risk Assessment
description: Queries Snowflake for customer usage patterns, enriches with Salesforce account data, generates a churn risk score using OpenAI, and posts the assessment to the account team Slack channel.
tags:
- sales
- analytics
- snowflake
- salesforce
- openai
- slack
capability:
exposes:
- type: mcp
namespace: customer-intelligence
port: 8080
tools:
- name: assess-churn-risk
description: Given a customer account ID, assess churn risk using usage data and AI analysis.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account ID.
steps:
- name: get-usage-data
type: call
call: snowflake.query-usage
with:
account_id: '{{account_id}}'
- name: get-account-info
type: call
call: salesforce.get-account
with:
account_id: '{{account_id}}'
- name: analyze-risk
type: call
call: openai.chat-completion
with:
prompt: 'Analyze churn risk for {{get-account-info.name}} with usage trend: {{get-usage-data.trend}} and contract value ${{get-account-info.annual_revenue}}. Provide risk score 1-10 and recommendations.'
- name: notify-team
type: call
call: slack.post-message
with:
channel: '#account-intelligence'
text: 'Churn risk assessment for {{get-account-info.name}}: {{analyze-risk.response}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: queries
path: /statements
operations:
- name: query-usage
method: POST
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
operations:
- name: get-account
method: GET
- type: http
namespace: openai
baseUri: https://api.openai.com/v1
authentication:
type: bearer
token: $secrets.openai_api_key
resources:
- name: completions
path: /chat/completions
operations:
- name: chat-completion
method: POST
- type: http
namespace: slack
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
When a termination is recorded in Workday, deactivates the Okta account, closes open ServiceNow tickets, and posts a summary to the HR Slack channel.
naftiko: '0.5'
info:
label: Employee Offboarding Workflow
description: When a termination is recorded in Workday, deactivates the Okta account, closes open ServiceNow tickets, and posts a summary to the HR Slack channel.
tags:
- hr
- offboarding
- workday
- okta
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-employee-offboarding
description: Given a Workday employee ID and termination date, deactivate the Okta account and notify the HR Slack channel.
inputParameters:
- name: workday_employee_id
in: body
type: string
description: The Workday worker ID for the departing employee.
- name: termination_date
in: body
type: string
description: The termination effective date in ISO 8601 format.
steps:
- name: get-worker
type: call
call: workday-off.get-worker
with:
worker_id: '{{workday_employee_id}}'
- name: deactivate-okta
type: call
call: okta-off.deactivate-user
with:
user_id: '{{get-worker.okta_user_id}}'
- name: notify-hr
type: call
call: slack-off.post-message
with:
channel: '#hr-ops'
text: 'Offboarding complete for {{get-worker.full_name}} (effective: {{termination_date}}). Okta deactivated.'
consumes:
- type: http
namespace: workday-off
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /att/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-off
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users/{{user_id}}/lifecycle/deactivate
inputParameters:
- name: user_id
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: slack-off
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Generates a weekly account health digest from Salesforce for AT&T's enterprise accounts, summarizing open opportunities, active contracts, and support cases, posted to the sales Slack channel.
naftiko: '0.5'
info:
label: Enterprise Customer Account Health Digest
description: Generates a weekly account health digest from Salesforce for AT&T's enterprise accounts, summarizing open opportunities, active contracts, and support cases, posted to the sales Slack channel.
tags:
- sales
- crm
- salesforce
- reporting
- slack
capability:
exposes:
- type: mcp
namespace: account-health
port: 8080
tools:
- name: digest-account-health
description: Given a Salesforce account ID and Slack channel, retrieve account status, open opportunities, and active contracts, then post a health digest.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce enterprise account ID.
- name: slack_channel
in: body
type: string
description: The Slack channel to post the health digest to.
steps:
- name: get-account
type: call
call: salesforce-health.get-account
with:
account_id: '{{account_id}}'
- name: get-opportunities
type: call
call: salesforce-health.get-account-opportunities
with:
account_id: '{{account_id}}'
- name: post-digest
type: call
call: slack-health.post-message
with:
channel: '{{slack_channel}}'
text: 'Account Health: {{get-account.name}} | Tier: {{get-account.tier}} | Open Opps: {{get-opportunities.total_count}} | Pipeline: ${{get-opportunities.total_amount}} | Renewal: {{get-account.renewal_date}}'
consumes:
- type: http
namespace: salesforce-health
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- name: account-opportunities
path: /sobjects/Account/{{account_id}}/Opportunities
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-opportunities
method: GET
- type: http
namespace: slack-health
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
When a Grafana alert fires for a network dashboard panel, retrieves the panel data, creates a Jira ticket for the responsible team, and posts to the monitoring Teams channel.
naftiko: '0.5'
info:
label: Grafana Dashboard Alert to Jira
description: When a Grafana alert fires for a network dashboard panel, retrieves the panel data, creates a Jira ticket for the responsible team, and posts to the monitoring Teams channel.
tags:
- observability
- grafana
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: grafana-alerts
port: 8080
tools:
- name: handle-grafana-alert
description: Given a Grafana alert ID, create a Jira ticket and notify.
inputParameters:
- name: alert_id
in: body
type: string
description: Grafana alert rule ID.
- name: dashboard_uid
in: body
type: string
description: Grafana dashboard UID.
steps:
- name: get-alert
type: call
call: grafana.get-alert
with:
alert_id: '{{alert_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: NOC
summary: 'Grafana alert: {{get-alert.title}}'
description: 'Dashboard: {{dashboard_uid}}. Message: {{get-alert.message}}'
- name: notify-monitoring
type: call
call: teams.post-message
with:
channel_id: noc-monitoring
text: 'Grafana alert: {{get-alert.title}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: grafana
baseUri: https://grafana.att.com/api
authentication:
type: bearer
token: $secrets.grafana_token
resources:
- name: alerts
path: /v1/provisioning/alert-rules/{{alert_id}}
operations:
- name: get-alert
method: GET
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Checks the latest run status and response time for a New Relic synthetic monitor tracking AT&T customer portal availability.
naftiko: '0.5'
info:
label: New Relic Synthetic Monitor Status
description: Checks the latest run status and response time for a New Relic synthetic monitor tracking AT&T customer portal availability.
tags:
- observability
- synthetic-monitoring
- new-relic
capability:
exposes:
- type: mcp
namespace: synthetic-monitors
port: 8080
tools:
- name: get-monitor-status
description: Given a New Relic synthetic monitor ID, return the latest status, response time, and location.
inputParameters:
- name: monitor_id
in: body
type: string
description: The New Relic synthetic monitor ID.
call: newrelic.get-synthetic-monitor
with:
monitor_id: '{{monitor_id}}'
outputParameters:
- name: status
type: string
mapping: $.status
- name: response_time_ms
type: number
mapping: $.responseTime
- name: location
type: string
mapping: $.location
consumes:
- type: http
namespace: newrelic
baseUri: https://synthetics.newrelic.com/synthetics/api/v3
authentication:
type: apikey
key: Api-Key
value: $secrets.newrelic_api_key
placement: header
resources:
- name: monitors
path: /monitors/{{monitor_id}}
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-synthetic-monitor
method: GET
When an AWS cost anomaly is detected, annotates Datadog, opens a Jira FinOps issue, and alerts the cloud finance Slack channel.
naftiko: '0.5'
info:
label: Cloud Cost Anomaly Responder
description: When an AWS cost anomaly is detected, annotates Datadog, opens a Jira FinOps issue, and alerts the cloud finance Slack channel.
tags:
- finops
- cloud
- aws
- datadog
- jira
- slack
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: handle-cost-anomaly
description: Given an AWS cost anomaly ID, affected service, and estimated overage, create a Datadog event, open a Jira FinOps issue, and notify the cloud finance Slack channel.
inputParameters:
- name: anomaly_id
in: body
type: string
description: The AWS Cost Anomaly Detection anomaly ID.
- name: aws_service
in: body
type: string
description: The AWS service generating the anomaly.
- name: estimated_overage_usd
in: body
type: number
description: Estimated dollar overage detected.
- name: business_unit
in: body
type: string
description: The AT&T business unit owning the AWS account.
steps:
- name: annotate-datadog
type: call
call: datadog-finops.create-event
with:
title: 'AWS Cost Anomaly: {{aws_service}}'
text: 'Anomaly {{anomaly_id}} — estimated overage: ${{estimated_overage_usd}} — BU: {{business_unit}}'
alert_type: warning
- name: create-finops-issue
type: call
call: jira-finops.create-issue
with:
project_key: FINOPS
issuetype: Task
summary: 'AWS Cost Anomaly: {{aws_service}} — ${{estimated_overage_usd}} overage'
description: 'Anomaly {{anomaly_id}} on {{aws_service}} for {{business_unit}}. Datadog: {{annotate-datadog.id}}.'
- name: alert-slack
type: call
call: slack-finops.post-message
with:
channel: '#cloud-finance-alerts'
text: 'AWS Cost Anomaly: {{aws_service}} | Overage: ${{estimated_overage_usd}} | BU: {{business_unit}} | Jira: {{create-finops-issue.key}}'
consumes:
- type: http
namespace: datadog-finops
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: jira-finops
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-finops
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves the current state and last run status of a Terraform Cloud workspace used by AT&T infrastructure teams.
naftiko: '0.5'
info:
label: Terraform Workspace Status Lookup
description: Retrieves the current state and last run status of a Terraform Cloud workspace used by AT&T infrastructure teams.
tags:
- infrastructure
- terraform
capability:
exposes:
- type: mcp
namespace: iac-workspaces
port: 8080
tools:
- name: get-workspace-status
description: Check a Terraform Cloud workspace status. Returns current state version, last run status, and resource count.
inputParameters:
- name: workspace_id
in: body
type: string
description: The Terraform workspace ID.
call: terraform.get-workspace
with:
workspace_id: '{{workspace_id}}'
outputParameters:
- name: status
type: string
mapping: $.data.attributes.current-run.status
- name: resource_count
type: number
mapping: $.data.attributes.resource-count
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: workspaces
path: /workspaces/{{workspace_id}}
inputParameters:
- name: workspace_id
in: path
operations:
- name: get-workspace
method: GET
When an AKS pod enters CrashLoopBackOff, retrieves pod logs from Datadog, creates a Jira bug for the owning team, and alerts via PagerDuty.
naftiko: '0.5'
info:
label: Azure Kubernetes Pod Crash Responder
description: When an AKS pod enters CrashLoopBackOff, retrieves pod logs from Datadog, creates a Jira bug for the owning team, and alerts via PagerDuty.
tags:
- cloud
- kubernetes
- datadog
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: k8s-crash-response
port: 8080
tools:
- name: handle-pod-crash
description: Given a Kubernetes namespace and pod name, investigate the crash loop and escalate.
inputParameters:
- name: k8s_namespace
in: body
type: string
description: Kubernetes namespace.
- name: pod_name
in: body
type: string
description: Pod name in CrashLoopBackOff.
steps:
- name: get-logs
type: call
call: datadog.get-pod-logs
with:
namespace: '{{k8s_namespace}}'
pod_name: '{{pod_name}}'
- name: create-bug
type: call
call: jira.create-issue
with:
project: PLATFORM
summary: 'CrashLoopBackOff: {{k8s_namespace}}/{{pod_name}}'
issue_type: Bug
description: 'Last log: {{get-logs.last_message}}. Restart count: {{get-logs.restart_count}}'
- name: page-team
type: call
call: pagerduty.create-incident
with:
service_id: platform-engineering
title: 'CrashLoopBackOff: {{k8s_namespace}}/{{pod_name}} — {{create-bug.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v2
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: logs
path: /logs/events/search
operations:
- name: get-pod-logs
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
When a fiber outage is detected, queries the affected customer list from Snowflake, creates a ServiceNow major incident, and sends SMS notifications via Twilio.
naftiko: '0.5'
info:
label: Fiber Outage Customer Notification
description: When a fiber outage is detected, queries the affected customer list from Snowflake, creates a ServiceNow major incident, and sends SMS notifications via Twilio.
tags:
- network
- fiber
- snowflake
- servicenow
- twilio
capability:
exposes:
- type: mcp
namespace: customer-communications
port: 8080
tools:
- name: handle-fiber-outage
description: Given an outage region and severity, orchestrate customer notification workflow.
inputParameters:
- name: outage_region
in: body
type: string
description: The affected fiber region.
- name: severity
in: body
type: string
description: Outage severity level.
steps:
- name: get-affected-customers
type: call
call: snowflake.query-affected-customers
with:
region: '{{outage_region}}'
- name: create-major-incident
type: call
call: servicenow.create-incident
with:
short_description: Fiber outage in {{outage_region}} - {{severity}}
category: network
priority: '1'
- name: send-notifications
type: call
call: twilio.send-sms-batch
with:
recipients: '{{get-affected-customers.phone_numbers}}'
message: 'AT&T: We are aware of a service disruption in your area. Our team is working to restore service. Incident: {{create-major-incident.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: queries
path: /statements
operations:
- name: query-affected-customers
method: POST
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: twilio
baseUri: https://api.twilio.com/2010-04-01
authentication:
type: basic
username: $secrets.twilio_sid
password: $secrets.twilio_password
resources:
- name: messages
path: /Accounts/Messages.json
operations:
- name: send-sms-batch
method: POST
Pulls enterprise SLA metrics from Datadog, stores the summary in Snowflake, and emails the report to account managers via Microsoft Outlook.
naftiko: '0.5'
info:
label: Enterprise SLA Compliance Reporter
description: Pulls enterprise SLA metrics from Datadog, stores the summary in Snowflake, and emails the report to account managers via Microsoft Outlook.
tags:
- sla
- enterprise
- datadog
- snowflake
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: sla-compliance
port: 8080
tools:
- name: generate-sla-report
description: Given an enterprise account ID and reporting period, generate the SLA compliance report.
inputParameters:
- name: account_id
in: body
type: string
description: Enterprise customer account ID.
- name: period
in: body
type: string
description: Reporting period (e.g., 2026-Q1).
steps:
- name: get-sla-metrics
type: call
call: datadog.get-sla-metrics
with:
account_id: '{{account_id}}'
period: '{{period}}'
- name: store-report
type: call
call: snowflake.insert-report
with:
account_id: '{{account_id}}'
uptime_pct: '{{get-sla-metrics.uptime_pct}}'
latency_avg: '{{get-sla-metrics.latency_avg}}'
- name: email-report
type: call
call: outlook.send-email
with:
to: '{{get-sla-metrics.account_manager_email}}'
subject: 'SLA Report: {{account_id}} — {{period}}'
body: 'Uptime: {{get-sla-metrics.uptime_pct}}%. Avg latency: {{get-sla-metrics.latency_avg}}ms.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: sla
path: /slo/{{account_id}}
operations:
- name: get-sla-metrics
method: GET
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-report
method: POST
- type: http
namespace: outlook
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: mail
path: /me/sendMail
operations:
- name: send-email
method: POST
When a complex ServiceNow incident is created, submits the description to OpenAI for AI-assisted triage and recommended resolution steps, then updates the ticket.
naftiko: '0.5'
info:
label: Intelligent Incident Triage with OpenAI
description: When a complex ServiceNow incident is created, submits the description to OpenAI for AI-assisted triage and recommended resolution steps, then updates the ticket.
tags:
- ai
- itsm
- servicenow
- openai
- incident-response
capability:
exposes:
- type: mcp
namespace: ai-triage
port: 8080
tools:
- name: triage-incident-with-ai
description: Given a ServiceNow incident number, retrieve the incident, submit to OpenAI for root cause and resolution recommendations, and update the record with AI analysis.
inputParameters:
- name: incident_number
in: body
type: string
description: The ServiceNow incident number, e.g. INC0089012.
steps:
- name: get-incident
type: call
call: servicenow-ai.get-incident
with:
number: '{{incident_number}}'
- name: analyze-incident
type: call
call: openai.create-completion
with:
model: gpt-4o
prompt: 'Analyze this IT incident: 1) Probable root cause, 2) Recommended resolution steps, 3) Priority. Incident: {{get-incident.short_description}} — {{get-incident.description}}'
- name: update-incident
type: call
call: servicenow-ai.update-incident
with:
number: '{{incident_number}}'
work_notes: 'AI Analysis: {{analyze-incident.text}}'
consumes:
- type: http
namespace: servicenow-ai
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: get-incident
method: GET
inputParameters:
- name: number
in: query
- name: update-incident
method: PATCH
- type: http
namespace: openai
baseUri: https://api.openai.com/v1
authentication:
type: bearer
token: $secrets.openai_api_key
resources:
- name: completions
path: /chat/completions
operations:
- name: create-completion
method: POST
Retrieves the current status, active services, and open opportunities for an AT&T Salesforce enterprise customer account.
naftiko: '0.5'
info:
label: Salesforce Enterprise Account Lookup
description: Retrieves the current status, active services, and open opportunities for an AT&T Salesforce enterprise customer account.
tags:
- sales
- crm
- salesforce
- enterprise
capability:
exposes:
- type: mcp
namespace: crm-enterprise
port: 8080
tools:
- name: get-enterprise-account
description: Look up a Salesforce enterprise account by ID. Returns account name, active services, contract value, and renewal date. Use for account planning and customer reviews.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account ID for the enterprise customer.
call: salesforce.get-account
with:
account_id: '{{account_id}}'
outputParameters:
- name: name
type: string
mapping: $.Name
- name: annual_contract_value
type: number
mapping: $.AnnualRevenue
- name: tier
type: string
mapping: $.Customer_Tier__c
- name: renewal_date
type: string
mapping: $.Contract_Renewal_Date__c
consumes:
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
Retrieves vendor master record details from AT&T SAP system for procurement inquiries.
naftiko: '0.5'
info:
label: SAP Vendor Master Lookup
description: Retrieves vendor master record details from AT&T SAP system for procurement inquiries.
tags:
- procurement
- sap
capability:
exposes:
- type: mcp
namespace: erp-vendors
port: 8080
tools:
- name: get-vendor
description: Look up an SAP vendor by ID. Returns vendor name, payment terms, and category.
inputParameters:
- name: vendor_id
in: body
type: string
description: The SAP vendor ID.
call: sap.get-vendor
with:
vendor_id: '{{vendor_id}}'
outputParameters:
- name: name
type: string
mapping: $.VendorName
- name: payment_terms
type: string
mapping: $.PaymentTerms
- name: category
type: string
mapping: $.VendorCategory
consumes:
- type: http
namespace: sap
baseUri: https://att-sap.example.com/sap/opu/odata/sap
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: vendors
path: /API_BUSINESS_PARTNER/A_Supplier('{{vendor_id}}')
inputParameters:
- name: vendor_id
in: path
operations:
- name: get-vendor
method: GET
Queries Snowflake for failed or stalled network analytics data pipeline tasks and alerts the data engineering team via Slack.
naftiko: '0.5'
info:
label: Snowflake Network Data Pipeline Health Check
description: Queries Snowflake for failed or stalled network analytics data pipeline tasks and alerts the data engineering team via Slack.
tags:
- data
- analytics
- snowflake
- pipeline-monitoring
- slack
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: get-pipeline-task-failures
description: Query Snowflake task history for failed tasks in a given database and schema. Use to triage network data pipeline issues and SLA breaches.
inputParameters:
- name: database_name
in: body
type: string
description: The Snowflake database, e.g. ATT_NETWORK_ANALYTICS.
- name: schema_name
in: body
type: string
description: The Snowflake schema, e.g. NETWORK_ETL.
- name: lookback_hours
in: body
type: integer
description: Number of hours to look back in task history.
call: snowflake.query-task-history
with:
database: '{{database_name}}'
schema: '{{schema_name}}'
hours: '{{lookback_hours}}'
outputParameters:
- name: failed_tasks
type: array
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://att.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: task-history
path: /databases/{{database}}/schemas/{{schema}}/tasks/history
inputParameters:
- name: database
in: path
- name: schema
in: path
- name: hours
in: query
operations:
- name: query-task-history
method: GET
Retrieves the current status, schedule, and approval chain of a ServiceNow change request by number.
naftiko: '0.5'
info:
label: ServiceNow Change Request Lookup
description: Retrieves the current status, schedule, and approval chain of a ServiceNow change request by number.
tags:
- itsm
- servicenow
capability:
exposes:
- type: mcp
namespace: change-management
port: 8080
tools:
- name: get-change-request
description: Given a change request number, return its status, scheduled start/end, and approval list.
inputParameters:
- name: change_number
in: body
type: string
description: The ServiceNow change request number (e.g., CHG0012345).
call: servicenow.get-change-request
with:
change_number: '{{change_number}}'
outputParameters:
- name: status
type: string
mapping: $.result.state
- name: scheduled_start
type: string
mapping: $.result.start_date
- name: scheduled_end
type: string
mapping: $.result.end_date
consumes:
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request/{{change_number}}
inputParameters:
- name: change_number
in: path
operations:
- name: get-change-request
method: GET
When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Okta application access, and sends a Slack welcome message.
naftiko: '0.5'
info:
label: Employee Onboarding Orchestrator
description: When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Okta application access, and sends a Slack welcome message.
tags:
- hr
- onboarding
- workday
- servicenow
- okta
- slack
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-employee-onboarding
description: 'Given a Workday employee ID and start date, orchestrate the full onboarding sequence: create ServiceNow ticket, provision Okta access, and send a Slack welcome.'
inputParameters:
- name: workday_employee_id
in: body
type: string
description: The Workday worker ID for the new hire.
- name: start_date
in: body
type: string
description: The employee start date in ISO 8601 format.
- name: department
in: body
type: string
description: The department the new hire is joining.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
worker_id: '{{workday_employee_id}}'
- name: create-onboarding-ticket
type: call
call: servicenow.create-incident
with:
short_description: 'New hire onboarding: {{get-worker.full_name}}'
category: hr_onboarding
assignment_group: IT_Onboarding
- name: provision-okta
type: call
call: okta.create-user
with:
first_name: '{{get-worker.first_name}}'
last_name: '{{get-worker.last_name}}'
email: '{{get-worker.work_email}}'
department: '{{get-worker.department}}'
- name: send-slack-welcome
type: call
call: slack.post-message
with:
channel: '#welcome-new-hires'
text: 'Welcome to AT&T, {{get-worker.first_name}} {{get-worker.last_name}}! Starting {{start_date}}. IT ticket: {{create-onboarding-ticket.number}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /att/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: okta
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users
operations:
- name: create-user
method: POST
- type: http
namespace: slack
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Detects infrastructure drift in Terraform Cloud, creates a Jira ticket for the platform team, triggers a remediation plan, and notifies via Microsoft Teams.
naftiko: '0.5'
info:
label: Terraform Drift Detection Remediation
description: Detects infrastructure drift in Terraform Cloud, creates a Jira ticket for the platform team, triggers a remediation plan, and notifies via Microsoft Teams.
tags:
- infrastructure
- terraform
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: infra-drift
port: 8080
tools:
- name: handle-terraform-drift
description: Given a Terraform workspace name with detected drift, initiate remediation workflow.
inputParameters:
- name: workspace_name
in: body
type: string
description: Terraform Cloud workspace name.
- name: drift_summary
in: body
type: string
description: Summary of detected drift.
steps:
- name: get-workspace
type: call
call: terraform.get-workspace
with:
workspace_name: '{{workspace_name}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: INFRA
summary: 'Terraform drift: {{workspace_name}}'
description: '{{drift_summary}}. Workspace ID: {{get-workspace.id}}'
- name: trigger-plan
type: call
call: terraform.create-run
with:
workspace_id: '{{get-workspace.id}}'
message: 'Drift remediation — Jira: {{create-ticket.key}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: platform-engineering
text: 'Terraform drift in {{workspace_name}}. Jira: {{create-ticket.key}}. Run: {{trigger-plan.id}}'
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: workspaces
path: /organizations/att/workspaces/{{workspace_name}}
operations:
- name: get-workspace
method: GET
- name: runs
path: /runs
operations:
- name: create-run
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a critical Datadog alert fires, creates a ServiceNow incident, pages the on-call team in PagerDuty, and posts an alert to the ops Slack channel.
naftiko: '0.5'
info:
label: IT Incident Response Chain
description: When a critical Datadog alert fires, creates a ServiceNow incident, pages the on-call team in PagerDuty, and posts an alert to the ops Slack channel.
tags:
- itsm
- incident-response
- datadog
- servicenow
- pagerduty
- slack
capability:
exposes:
- type: mcp
namespace: it-ops
port: 8080
tools:
- name: handle-critical-alert
description: Given a Datadog alert ID, affected service, and severity, create a ServiceNow incident, trigger a PagerDuty page, and notify the ops Slack channel.
inputParameters:
- name: alert_id
in: body
type: string
description: The Datadog alert or monitor ID.
- name: service_name
in: body
type: string
description: The name of the affected service or application.
- name: severity
in: body
type: string
description: 'Alert severity: critical, high, medium, or low.'
- name: alert_message
in: body
type: string
description: The alert message body from Datadog.
steps:
- name: create-incident
type: call
call: servicenow-ops.create-incident
with:
short_description: '{{severity}} alert: {{service_name}} — {{alert_id}}'
description: '{{alert_message}}'
urgency: '1'
impact: '1'
assignment_group: IT_Operations
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
title: '{{severity}} alert on {{service_name}}'
service_id: $secrets.pagerduty_service_id
body: '{{alert_message}}'
- name: alert-slack
type: call
call: slack-ops.post-message
with:
channel: '#it-ops-alerts'
text: 'INCIDENT: {{severity}} on {{service_name}} | Datadog: {{alert_id}} | SNOW: {{create-incident.number}} | PD: {{page-oncall.incident_number}}'
consumes:
- type: http
namespace: servicenow-ops
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: apikey
key: Authorization
value: $secrets.pagerduty_token
placement: header
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-ops
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
On a GitHub Actions pipeline failure on a protected branch, creates a Jira bug, annotates Datadog, and alerts the engineering team in Slack.
naftiko: '0.5'
info:
label: GitHub CI/CD Pipeline Failure Response
description: On a GitHub Actions pipeline failure on a protected branch, creates a Jira bug, annotates Datadog, and alerts the engineering team in Slack.
tags:
- devops
- cicd
- github
- jira
- datadog
- slack
capability:
exposes:
- type: mcp
namespace: devops-cicd
port: 8080
tools:
- name: handle-pipeline-failure
description: Given a GitHub Actions workflow failure, create a Datadog deployment event, open a Jira bug, and alert the engineering Slack channel.
inputParameters:
- name: repo_name
in: body
type: string
description: The GitHub repository in org/repo format.
- name: workflow_name
in: body
type: string
description: The GitHub Actions workflow name that failed.
- name: branch_name
in: body
type: string
description: The branch where the failure occurred.
- name: commit_sha
in: body
type: string
description: The commit SHA that triggered the workflow.
- name: run_url
in: body
type: string
description: URL to the failed GitHub Actions run.
steps:
- name: create-dd-event
type: call
call: datadog-cicd.create-event
with:
title: 'Pipeline failure: {{repo_name}}'
text: Workflow {{workflow_name}} failed on {{branch_name}} at {{commit_sha}}
alert_type: error
- name: create-jira-bug
type: call
call: jira.create-issue
with:
project_key: ENG
issuetype: Bug
summary: '[CI Failure] {{repo_name}} / {{branch_name}} — {{workflow_name}}'
description: 'Pipeline failure on {{branch_name}}. Commit: {{commit_sha}}. Run: {{run_url}}. Datadog: {{create-dd-event.id}}.'
- name: alert-engineering
type: call
call: slack-cicd.post-message
with:
channel: '#engineering-alerts'
text: 'Pipeline Failure: {{repo_name}} | Branch: {{branch_name}} | Jira: {{create-jira-bug.key}} | Run: {{run_url}}'
consumes:
- type: http
namespace: datadog-cicd
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-cicd
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves the current on-call engineer for a specified AT&T PagerDuty escalation policy.
naftiko: '0.5'
info:
label: PagerDuty On-Call Schedule Lookup
description: Retrieves the current on-call engineer for a specified AT&T PagerDuty escalation policy.
tags:
- operations
- pagerduty
capability:
exposes:
- type: mcp
namespace: on-call
port: 8080
tools:
- name: get-on-call
description: Look up the current on-call engineer for a PagerDuty policy. Returns name, contact, and shift end time.
inputParameters:
- name: policy_id
in: body
type: string
description: The PagerDuty escalation policy ID.
call: pagerduty.get-on-call
with:
policy_id: '{{policy_id}}'
outputParameters:
- name: on_call_name
type: string
mapping: $.oncalls[0].user.name
- name: email
type: string
mapping: $.oncalls[0].user.email
- name: shift_end
type: string
mapping: $.oncalls[0].end
consumes:
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: oncalls
path: /oncalls
operations:
- name: get-on-call
method: GET
Executes a search query against AT&T Splunk logs to retrieve recent events matching specified criteria.
naftiko: '0.5'
info:
label: Splunk Log Search
description: Executes a search query against AT&T Splunk logs to retrieve recent events matching specified criteria.
tags:
- security
- observability
- splunk
capability:
exposes:
- type: mcp
namespace: log-search
port: 8080
tools:
- name: search-logs
description: Search Splunk logs with a given SPL query. Returns matching events with timestamps and source.
inputParameters:
- name: search_query
in: body
type: string
description: The SPL search query.
- name: time_range
in: body
type: string
description: Time range for the search.
call: splunk.search
with:
search_query: '{{search_query}}'
time_range: '{{time_range}}'
outputParameters:
- name: events
type: string
mapping: $.results
- name: event_count
type: number
mapping: $.result_count
consumes:
- type: http
namespace: splunk
baseUri: https://att-splunk.example.com:8089/services
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: searches
path: /search/jobs
operations:
- name: search
method: POST
Retires an IT asset by updating ServiceNow CMDB, revoking access in Okta, and creating a Jira ticket for physical retrieval coordination.
naftiko: '0.5'
info:
label: IT Asset Retirement Workflow
description: Retires an IT asset by updating ServiceNow CMDB, revoking access in Okta, and creating a Jira ticket for physical retrieval coordination.
tags:
- itsm
- asset-management
- servicenow
- okta
- jira
capability:
exposes:
- type: mcp
namespace: asset-lifecycle
port: 8080
tools:
- name: retire-asset
description: Given a ServiceNow asset tag, retire the asset across all systems.
inputParameters:
- name: asset_tag
in: body
type: string
description: The ServiceNow CMDB asset tag.
- name: assigned_user
in: body
type: string
description: Email of the user assigned to the asset.
steps:
- name: update-cmdb
type: call
call: servicenow.update-asset
with:
asset_tag: '{{asset_tag}}'
status: retired
- name: revoke-access
type: call
call: okta.deactivate-user-device
with:
user_email: '{{assigned_user}}'
device_id: '{{asset_tag}}'
- name: create-retrieval-ticket
type: call
call: jira.create-issue
with:
project: ITOPS
summary: 'Asset retrieval: {{asset_tag}} from {{assigned_user}}'
description: CMDB status updated. Okta device access revoked.
consumes:
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: assets
path: /table/alm_hardware/{{asset_tag}}
operations:
- name: update-asset
method: PATCH
- type: http
namespace: okta
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: devices
path: /users/{{user_email}}/devices
operations:
- name: deactivate-user-device
method: DELETE
- type: http
namespace: jira
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
Retrieves details of a Salesforce opportunity including stage, value, and close date for AT&T sales teams.
naftiko: '0.5'
info:
label: Salesforce Opportunity Lookup
description: Retrieves details of a Salesforce opportunity including stage, value, and close date for AT&T sales teams.
tags:
- sales
- salesforce
capability:
exposes:
- type: mcp
namespace: crm-opportunities
port: 8080
tools:
- name: get-opportunity
description: Look up a Salesforce opportunity by ID. Returns name, stage, amount, and expected close date.
inputParameters:
- name: opportunity_id
in: body
type: string
description: The Salesforce opportunity ID.
call: salesforce.get-opportunity
with:
opportunity_id: '{{opportunity_id}}'
outputParameters:
- name: name
type: string
mapping: $.Name
- name: stage
type: string
mapping: $.StageName
- name: amount
type: number
mapping: $.Amount
- name: close_date
type: string
mapping: $.CloseDate
consumes:
- type: http
namespace: salesforce
baseUri: https://att.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /sobjects/Opportunity/{{opportunity_id}}
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
After a PagerDuty incident resolves, retrieves incident timeline, creates a Confluence postmortem page, and posts the link to the SRE channel in Microsoft Teams.
naftiko: '0.5'
info:
label: PagerDuty Incident Postmortem Creator
description: After a PagerDuty incident resolves, retrieves incident timeline, creates a Confluence postmortem page, and posts the link to the SRE channel in Microsoft Teams.
tags:
- sre
- postmortem
- pagerduty
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: incident-postmortem
port: 8080
tools:
- name: create-postmortem
description: Given a PagerDuty incident ID, generate a postmortem document.
inputParameters:
- name: incident_id
in: body
type: string
description: PagerDuty incident ID.
steps:
- name: get-incident
type: call
call: pagerduty.get-incident
with:
incident_id: '{{incident_id}}'
- name: create-page
type: call
call: confluence.create-page
with:
space_key: SRE
title: 'Postmortem: {{get-incident.title}}'
content: 'Duration: {{get-incident.duration}}. Service: {{get-incident.service_name}}. Timeline: {{get-incident.timeline}}'
- name: notify-sre
type: call
call: teams.post-message
with:
channel_id: sre-team
text: 'Postmortem created for PD-{{incident_id}}: {{get-incident.title}}. Confluence: {{create-page.url}}'
consumes:
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents/{{incident_id}}
operations:
- name: get-incident
method: GET
- type: http
namespace: confluence
baseUri: https://att.atlassian.net/wiki/api/v2
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /pages
operations:
- name: create-page
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a PagerDuty network incident goes unacknowledged past SLA, escalates to senior on-call, creates a Jira post-mortem issue, and notifies the incident Slack channel.
naftiko: '0.5'
info:
label: PagerDuty Incident Escalation
description: When a PagerDuty network incident goes unacknowledged past SLA, escalates to senior on-call, creates a Jira post-mortem issue, and notifies the incident Slack channel.
tags:
- itsm
- incident-response
- pagerduty
- jira
- slack
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-unacknowledged-incident
description: Given an unacknowledged PagerDuty incident ID, escalate to senior on-call policy, create a Jira post-mortem issue, and notify the incident Slack bridge channel.
inputParameters:
- name: pd_incident_id
in: body
type: string
description: The PagerDuty incident ID to escalate.
- name: service_name
in: body
type: string
description: The affected service name.
- name: incident_summary
in: body
type: string
description: Brief description of the incident.
steps:
- name: escalate-pd
type: call
call: pagerduty-esc.escalate-incident
with:
incident_id: '{{pd_incident_id}}'
escalation_policy_id: $secrets.pd_senior_escalation_policy
- name: create-postmortem
type: call
call: jira-pm.create-issue
with:
project_key: PM
issuetype: Post-mortem
summary: 'Post-mortem: {{service_name}} — {{pd_incident_id}}'
description: '{{incident_summary}}'
- name: notify-bridge
type: call
call: slack-esc.post-message
with:
channel: '#incident-bridge'
text: 'Incident ESCALATED: {{service_name}} | PD: {{pd_incident_id}} | Post-mortem: {{create-postmortem.key}}'
consumes:
- type: http
namespace: pagerduty-esc
baseUri: https://api.pagerduty.com
authentication:
type: apikey
key: Authorization
value: $secrets.pagerduty_token
placement: header
resources:
- name: incident-escalations
path: /incidents/{{incident_id}}
inputParameters:
- name: incident_id
in: path
operations:
- name: escalate-incident
method: PUT
- type: http
namespace: jira-pm
baseUri: https://att.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: slack-esc
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Triggers a Power BI dataset refresh for AT&T's network KPI report and notifies the network analytics team via Slack when complete.
naftiko: '0.5'
info:
label: Power BI Network KPI Report Refresh
description: Triggers a Power BI dataset refresh for AT&T's network KPI report and notifies the network analytics team via Slack when complete.
tags:
- data
- analytics
- power-bi
- reporting
- slack
capability:
exposes:
- type: mcp
namespace: bi-reporting
port: 8080
tools:
- name: refresh-network-kpi-report
description: Given a Power BI workspace ID and dataset ID for the network KPI report, trigger a refresh and notify the network analytics Slack channel.
inputParameters:
- name: workspace_id
in: body
type: string
description: The Power BI workspace (group) ID.
- name: dataset_id
in: body
type: string
description: The Power BI dataset ID for the network KPI report.
- name: slack_channel
in: body
type: string
description: The Slack channel to notify on completion.
steps:
- name: trigger-refresh
type: call
call: powerbi.refresh-dataset
with:
workspace_id: '{{workspace_id}}'
dataset_id: '{{dataset_id}}'
- name: notify-analytics
type: call
call: slack-pbi.post-message
with:
channel: '{{slack_channel}}'
text: 'Network KPI dataset {{dataset_id}} refresh triggered. Refresh ID: {{trigger-refresh.refresh_id}}.'
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: dataset-refreshes
path: /groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: slack-pbi
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves metadata about an AT&T GitHub repository including language, last commit, and open issues count.
naftiko: '0.5'
info:
label: GitHub Repository Info Lookup
description: Retrieves metadata about an AT&T GitHub repository including language, last commit, and open issues count.
tags:
- engineering
- github
capability:
exposes:
- type: mcp
namespace: code-repos
port: 8080
tools:
- name: get-repo-info
description: Look up a GitHub repository by name. Returns description, primary language, open issues, and last push date.
inputParameters:
- name: repo_name
in: body
type: string
description: The repository name in org/repo format.
call: github.get-repository
with:
repo_name: '{{repo_name}}'
outputParameters:
- name: description
type: string
mapping: $.description
- name: language
type: string
mapping: $.language
- name: open_issues
type: number
mapping: $.open_issues_count
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: repos
path: /repos/{{repo_name}}
inputParameters:
- name: repo_name
in: path
operations:
- name: get-repository
method: GET
Retrieves the current pool member status and active connections for an F5 load balancer pool in the AT&T network.
naftiko: '0.5'
info:
label: F5 Load Balancer Pool Status
description: Retrieves the current pool member status and active connections for an F5 load balancer pool in the AT&T network.
tags:
- network
- load-balancing
- f5-networks
capability:
exposes:
- type: mcp
namespace: load-balancer
port: 8080
tools:
- name: get-pool-status
description: Given an F5 pool name, return the pool availability status, active member count, and total current connections.
inputParameters:
- name: pool_name
in: body
type: string
description: The F5 load balancer pool name.
call: f5.get-pool
with:
pool_name: '{{pool_name}}'
outputParameters:
- name: availability
type: string
mapping: $.availabilityState
- name: active_members
type: number
mapping: $.activeMemberCount
- name: current_connections
type: number
mapping: $.currentConnections
consumes:
- type: http
namespace: f5
baseUri: https://f5.att.com/mgmt/tm/ltm
authentication:
type: basic
username: $secrets.f5_user
password: $secrets.f5_password
resources:
- name: pools
path: /pool/{{pool_name}}/stats
inputParameters:
- name: pool_name
in: path
operations:
- name: get-pool
method: GET
When Datadog detects VoIP quality degradation, retrieves call quality metrics, creates a ServiceNow incident, and pages the voice engineering team through PagerDuty.
naftiko: '0.5'
info:
label: VoIP Quality Degradation Response
description: When Datadog detects VoIP quality degradation, retrieves call quality metrics, creates a ServiceNow incident, and pages the voice engineering team through PagerDuty.
tags:
- voice
- voip
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: voice-quality
port: 8080
tools:
- name: handle-voip-degradation
description: Given a Datadog alert ID for VoIP quality, initiate the quality degradation response workflow.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog monitor alert ID.
- name: region
in: body
type: string
description: Affected geographic region.
steps:
- name: get-alert-details
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: VoIP quality degradation — {{region}}
urgency: '2'
description: '{{get-alert-details.message}}'
- name: page-voice-team
type: call
call: pagerduty.create-incident
with:
service_id: voice-engineering
title: 'VoIP degradation: {{region}} — ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://att.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
Searches AT&T Confluence knowledge base for articles matching a given query.
naftiko: '0.5'
info:
label: Confluence Knowledge Article Search
description: Searches AT&T Confluence knowledge base for articles matching a given query.
tags:
- knowledge-management
- confluence
capability:
exposes:
- type: mcp
namespace: knowledge-base
port: 8080
tools:
- name: search-articles
description: Search Confluence knowledge base articles. Returns matching article titles, URLs, and last updated dates.
inputParameters:
- name: query
in: body
type: string
description: The search query string.
call: confluence.search-content
with:
query: '{{query}}'
outputParameters:
- name: results
type: string
mapping: $.results
- name: total_count
type: number
mapping: $.totalSize
consumes:
- type: http
namespace: confluence
baseUri: https://att.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_password
resources:
- name: content
path: /search
operations:
- name: search-content
method: GET
When a new employee joins AT&T, provisions appropriate Okta application assignments based on their department and role from Workday.
naftiko: '0.5'
info:
label: Okta User Access Provisioning
description: When a new employee joins AT&T, provisions appropriate Okta application assignments based on their department and role from Workday.
tags:
- identity
- security
- okta
- workday
- access-management
capability:
exposes:
- type: mcp
namespace: identity-provisioning
port: 8080
tools:
- name: provision-okta-access
description: Given a Workday employee ID and Okta user ID, retrieve department and role from Workday, then assign appropriate Okta application groups.
inputParameters:
- name: workday_employee_id
in: body
type: string
description: The Workday worker ID for the employee.
- name: okta_user_id
in: body
type: string
description: The Okta user ID for the employee.
steps:
- name: get-worker-profile
type: call
call: workday-okta.get-worker
with:
worker_id: '{{workday_employee_id}}'
- name: assign-app-groups
type: call
call: okta-prov.assign-group
with:
user_id: '{{okta_user_id}}'
department: '{{get-worker-profile.department}}'
consumes:
- type: http
namespace: workday-okta
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /att/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta-prov
baseUri: https://att.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: group-members
path: /groups/{{group_id}}/users/{{user_id}}
inputParameters:
- name: group_id
in: path
- name: user_id
in: path
operations:
- name: assign-group
method: PUT
Checks the current state of an AWS CloudWatch alarm used to monitor AT&T cloud workloads.
naftiko: '0.5'
info:
label: CloudWatch Alarm Status Check
description: Checks the current state of an AWS CloudWatch alarm used to monitor AT&T cloud workloads.
tags:
- cloud
- monitoring
- aws
capability:
exposes:
- type: mcp
namespace: cloud-alarms
port: 8080
tools:
- name: get-alarm-status
description: Given a CloudWatch alarm name, return its current state, metric name, and threshold.
inputParameters:
- name: alarm_name
in: body
type: string
description: The CloudWatch alarm name.
call: cloudwatch.describe-alarm
with:
alarm_name: '{{alarm_name}}'
outputParameters:
- name: state
type: string
mapping: $.MetricAlarms[0].StateValue
- name: metric_name
type: string
mapping: $.MetricAlarms[0].MetricName
- name: threshold
type: number
mapping: $.MetricAlarms[0].Threshold
consumes:
- type: http
namespace: cloudwatch
baseUri: https://monitoring.us-east-1.amazonaws.com
authentication:
type: apikey
key: Authorization
value: $secrets.aws_auth_token
placement: header
resources:
- name: alarms
path: /
inputParameters:
- name: alarm_name
in: query
operations:
- name: describe-alarm
method: GET
Pulls advertising campaign metrics from Snowflake, refreshes the Power BI executive dashboard, and sends the weekly report to stakeholders via Microsoft Teams.
naftiko: '0.5'
info:
label: Ad Campaign Performance Reporter
description: Pulls advertising campaign metrics from Snowflake, refreshes the Power BI executive dashboard, and sends the weekly report to stakeholders via Microsoft Teams.
tags:
- advertising
- analytics
- snowflake
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ad-performance
port: 8080
tools:
- name: generate-ad-report
description: Given a campaign ID and date range, generate the performance report.
inputParameters:
- name: campaign_id
in: body
type: string
description: Advertising campaign ID.
- name: date_range
in: body
type: string
description: Reporting date range.
steps:
- name: get-metrics
type: call
call: snowflake.query-ad-metrics
with:
campaign_id: '{{campaign_id}}'
date_range: '{{date_range}}'
- name: refresh-dashboard
type: call
call: powerbi.refresh-dataset
with:
dataset_id: ad-performance
- name: notify-stakeholders
type: call
call: teams.post-message
with:
channel_id: ad-operations
text: 'Ad report: {{campaign_id}}. Impressions: {{get-metrics.impressions}}. CTR: {{get-metrics.ctr}}%. Dashboard refreshed.'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: query-ad-metrics
method: POST
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /datasets/{{dataset_id}}/refreshes
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Runs quarterly Okta access reviews by pulling user-app assignments, creating Jira review tasks for managers, and posting summary to the governance Teams channel.
naftiko: '0.5'
info:
label: Okta Quarterly Access Review
description: Runs quarterly Okta access reviews by pulling user-app assignments, creating Jira review tasks for managers, and posting summary to the governance Teams channel.
tags:
- security
- governance
- okta
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: access-review
port: 8080
tools:
- name: run-access-review
description: Given a department, run the quarterly access review and create review tasks.
inputParameters:
- name: department
in: body
type: string
description: Department to review.
steps:
- name: get-assignments
type: call
call: okta.get-department-apps
with:
department: '{{department}}'
- name: create-review
type: call
call: jira.create-issue
with:
project: GRC
summary: 'Q1 access review: {{department}}'
description: 'Users: {{get-assignments.user_count}}. Apps: {{get-assignments.app_count}}'
- name: notify-governance
type: call
call: teams.post-message
with:
channel_id: iam-governance
text: 'Access review: {{department}}. {{get-assignments.user_count}} users, {{get-assignments.app_count}} apps. Jira: {{create-review.key}}'
consumes:
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users
operations:
- name: get-department-apps
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Triggers a Power BI dataset refresh for the subscriber analytics dashboard after Snowflake pipeline completion and notifies the analytics team in Teams.
naftiko: '0.5'
info:
label: Power BI Dashboard Refresh Trigger
description: Triggers a Power BI dataset refresh for the subscriber analytics dashboard after Snowflake pipeline completion and notifies the analytics team in Teams.
tags:
- data
- analytics
- power-bi
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: bi-reporting
port: 8080
tools:
- name: trigger-dashboard-refresh
description: Given a Power BI workspace ID and dataset ID, trigger a dataset refresh and notify the analytics team in Teams when complete.
inputParameters:
- name: workspace_id
in: body
type: string
description: The Power BI workspace (group) ID.
- name: dataset_id
in: body
type: string
description: The Power BI dataset ID to refresh.
steps:
- name: trigger-refresh
type: call
call: powerbi.refresh-dataset
with:
workspaceId: '{{workspace_id}}'
datasetId: '{{dataset_id}}'
- name: notify-analytics
type: call
call: msteams.post-channel-message
with:
channelId: analytics-team
message: Power BI dataset {{dataset_id}} refresh triggered in workspace {{workspace_id}}.
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /groups/{{workspaceId}}/datasets/{{datasetId}}/refreshes
inputParameters:
- name: workspaceId
in: path
- name: datasetId
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
When an employee's role changes in Workday, updates Okta group memberships to match the new role's access profile.
naftiko: '0.5'
info:
label: Workday Role Change Access Provisioning
description: When an employee's role changes in Workday, updates Okta group memberships to match the new role's access profile.
tags:
- hr
- identity
- workday
- okta
- access-management
capability:
exposes:
- type: mcp
namespace: hr-identity
port: 8080
tools:
- name: sync-role-access
description: Given a Workday employee ID and new job profile, update Okta group memberships to reflect the new role's access entitlements.
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday worker ID.
- name: new_job_profile
in: body
type: string
description: The new Workday job profile name.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
worker_id: '{{employee_id}}'
- name: assign-okta-group
type: call
call: okta.add-user-to-group
with:
userId: '{{get-worker.okta_user_id}}'
groupProfile: '{{new_job_profile}}'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /comcast/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: group-members
path: /groups/{{groupProfile}}/users/{{userId}}
inputParameters:
- name: groupProfile
in: path
- name: userId
in: path
operations:
- name: add-user-to-group
method: PUT
Checks content licensing rights expiry in Snowflake, creates a Jira task for the content operations team, and notifies stakeholders via Microsoft Teams.
naftiko: '0.5'
info:
label: NBC Universal Content Rights Checker
description: Checks content licensing rights expiry in Snowflake, creates a Jira task for the content operations team, and notifies stakeholders via Microsoft Teams.
tags:
- content
- licensing
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: content-rights
port: 8080
tools:
- name: check-content-rights
description: Given a content catalog ID, check licensing rights and flag expirations.
inputParameters:
- name: catalog_id
in: body
type: string
description: Content catalog identifier.
steps:
- name: get-rights
type: call
call: snowflake.query-rights
with:
catalog_id: '{{catalog_id}}'
- name: create-task
type: call
call: jira.create-issue
with:
project: CONTENT
summary: 'Rights expiry: {{get-rights.title}} — {{get-rights.expiry_date}}'
description: 'Territories: {{get-rights.territories}}. License type: {{get-rights.license_type}}'
- name: notify-content-ops
type: call
call: teams.post-message
with:
channel_id: content-operations
text: 'Rights expiring: {{get-rights.title}} on {{get-rights.expiry_date}}. Jira: {{create-task.key}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: query-rights
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Generates SailPoint identity governance reports, stores results in Snowflake, and posts summary to the security governance Teams channel.
naftiko: '0.5'
info:
label: SailPoint Identity Governance Reporter
description: Generates SailPoint identity governance reports, stores results in Snowflake, and posts summary to the security governance Teams channel.
tags:
- security
- identity-governance
- sailpoint
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: identity-governance
port: 8080
tools:
- name: generate-governance-report
description: Given a governance campaign ID, generate the compliance report.
inputParameters:
- name: campaign_id
in: body
type: string
description: SailPoint certification campaign ID.
steps:
- name: get-campaign
type: call
call: sailpoint.get-campaign
with:
campaign_id: '{{campaign_id}}'
- name: store-results
type: call
call: snowflake.insert-governance
with:
campaign_id: '{{campaign_id}}'
completion_pct: '{{get-campaign.completion_pct}}'
- name: notify-governance
type: call
call: teams.post-message
with:
channel_id: security-governance
text: 'Governance report: {{get-campaign.name}}. Completion: {{get-campaign.completion_pct}}%. Reviewed: {{get-campaign.decisions_made}}'
consumes:
- type: http
namespace: sailpoint
baseUri: https://comcast.api.identitynow.com/v3
authentication:
type: bearer
token: $secrets.sailpoint_token
resources:
- name: campaigns
path: /campaigns/{{campaign_id}}
operations:
- name: get-campaign
method: GET
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-governance
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When GitHub Dependabot finds a critical vulnerability, creates a Jira security ticket, notifies the owning team via Microsoft Teams, and logs the event in Splunk.
naftiko: '0.5'
info:
label: GitHub Dependency Vulnerability Handler
description: When GitHub Dependabot finds a critical vulnerability, creates a Jira security ticket, notifies the owning team via Microsoft Teams, and logs the event in Splunk.
tags:
- security
- development
- github
- jira
- microsoft-teams
- splunk
capability:
exposes:
- type: mcp
namespace: dep-vuln-handler
port: 8080
tools:
- name: handle-dependency-vuln
description: Given a GitHub repository and advisory ID, create tracking ticket and notify.
inputParameters:
- name: repo_name
in: body
type: string
description: GitHub repository name.
- name: advisory_id
in: body
type: string
description: GitHub security advisory ID.
steps:
- name: get-advisory
type: call
call: github.get-advisory
with:
repo_name: '{{repo_name}}'
advisory_id: '{{advisory_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: SEC
summary: 'Dependency vuln: {{repo_name}} — {{get-advisory.package}}'
description: 'Severity: {{get-advisory.severity}}. CVE: {{get-advisory.cve}}'
- name: log-event
type: call
call: splunk.index-event
with:
source: github-dependabot
event: 'Vulnerability: {{repo_name}} — {{get-advisory.cve}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: appsec
text: 'Critical vuln: {{repo_name}} — {{get-advisory.package}} ({{get-advisory.severity}}). Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: advisories
path: /repos/comcast/{{repo_name}}/security-advisories/{{advisory_id}}
operations:
- name: get-advisory
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: splunk
baseUri: https://splunk.comcast.com:8088
authentication:
type: bearer
token: $secrets.splunk_hec_token
resources:
- name: events
path: /services/collector/event
operations:
- name: index-event
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Searches the Comcast Confluence knowledge base for articles matching a given query and returns the top results.
naftiko: '0.5'
info:
label: Confluence Knowledge Base Search
description: Searches the Comcast Confluence knowledge base for articles matching a given query and returns the top results.
tags:
- knowledge-management
- confluence
capability:
exposes:
- type: mcp
namespace: kb-search
port: 8080
tools:
- name: search-articles
description: Given a search query, return the top Confluence article titles and page IDs.
inputParameters:
- name: query
in: body
type: string
description: Search query string.
call: confluence.search
with:
query: '{{query}}'
outputParameters:
- name: result_count
type: number
mapping: $.size
- name: top_title
type: string
mapping: $.results[0].title
consumes:
- type: http
namespace: confluence
baseUri: https://comcast.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: content
path: /content/search
inputParameters:
- name: query
in: query
operations:
- name: search
method: GET
Returns current active headcount by department and cost center from Workday, for workforce planning and finance reporting.
naftiko: '0.5'
info:
label: Workday Headcount Snapshot
description: Returns current active headcount by department and cost center from Workday, for workforce planning and finance reporting.
tags:
- hr
- finance
- workday
- headcount
- reporting
capability:
exposes:
- type: mcp
namespace: hr-reporting
port: 8080
tools:
- name: get-headcount-snapshot
description: Returns current active employee headcount grouped by department and cost center from Workday. Use for workforce planning, headcount budgeting, and finance period close.
call: workday.get-headcount
outputParameters:
- name: employees
type: array
mapping: $.data
items:
- name: employee_id
type: string
mapping: $.id
- name: full_name
type: string
mapping: $.name
- name: department
type: string
mapping: $.department
- name: cost_center
type: string
mapping: $.costCenter
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /comcast/workers
operations:
- name: get-headcount
method: GET
Checks the latest Terraform Cloud run status for a Comcast infrastructure workspace.
naftiko: '0.5'
info:
label: Terraform Workspace Run Status
description: Checks the latest Terraform Cloud run status for a Comcast infrastructure workspace.
tags:
- infrastructure
- terraform
capability:
exposes:
- type: mcp
namespace: infra-runs
port: 8080
tools:
- name: get-run-status
description: Given a Terraform workspace name, return the latest run status and resource change count.
inputParameters:
- name: workspace_name
in: body
type: string
description: Terraform Cloud workspace name.
call: terraform.get-latest-run
with:
workspace_name: '{{workspace_name}}'
outputParameters:
- name: run_status
type: string
mapping: $.data.attributes.status
- name: resource_changes
type: number
mapping: $.data.attributes.resource_changes
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: workspaces
path: /organizations/comcast/workspaces/{{workspace_name}}
inputParameters:
- name: workspace_name
in: path
operations:
- name: get-latest-run
method: GET
Reconciles ServiceNow CMDB asset inventory against discovered assets, creates Jira tickets for unmatched items, and posts the reconciliation summary to Microsoft Teams.
naftiko: '0.5'
info:
label: ServiceNow Asset Discovery Reconciliation
description: Reconciles ServiceNow CMDB asset inventory against discovered assets, creates Jira tickets for unmatched items, and posts the reconciliation summary to Microsoft Teams.
tags:
- itsm
- asset-management
- servicenow
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: asset-reconciliation
port: 8080
tools:
- name: reconcile-assets
description: Given a ServiceNow discovery run ID, reconcile discovered vs. registered assets.
inputParameters:
- name: discovery_run_id
in: body
type: string
description: ServiceNow discovery run ID.
steps:
- name: get-discovery
type: call
call: servicenow.get-discovery-results
with:
run_id: '{{discovery_run_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: ITAM
summary: 'Asset reconciliation: {{get-discovery.unmatched_count}} unmatched'
description: 'Discovered: {{get-discovery.discovered_count}}. Matched: {{get-discovery.matched_count}}. Unmatched: {{get-discovery.unmatched_count}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: it-asset-management
text: 'Asset reconciliation: {{get-discovery.unmatched_count}} unmatched devices found. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: discovery
path: /table/discovery_status/{{run_id}}
operations:
- name: get-discovery-results
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a ServiceNow P1 incident is created, sets up a Teams bridge call, pages the on-call via PagerDuty, and posts status updates to the NOC channel.
naftiko: '0.5'
info:
label: ServiceNow Major Incident Bridge Coordinator
description: When a ServiceNow P1 incident is created, sets up a Teams bridge call, pages the on-call via PagerDuty, and posts status updates to the NOC channel.
tags:
- incident-management
- servicenow
- microsoft-teams
- pagerduty
capability:
exposes:
- type: mcp
namespace: major-incident
port: 8080
tools:
- name: coordinate-major-incident
description: Given a ServiceNow P1 incident number, set up the major incident bridge.
inputParameters:
- name: incident_number
in: body
type: string
description: ServiceNow P1 incident number.
steps:
- name: get-incident
type: call
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: noc-oncall
title: 'P1: {{get-incident.short_description}} — {{incident_number}}'
urgency: high
- name: post-bridge
type: call
call: teams.post-message
with:
channel_id: noc-major-incidents
text: 'P1 BRIDGE: {{incident_number}} — {{get-incident.short_description}}. On-call paged. Join bridge immediately.'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident/{{incident_number}}
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves the candidate pipeline status for an open Workday job requisition and summarizes candidate stage counts for the recruiting team.
naftiko: '0.5'
info:
label: Workday Recruiting Pipeline Summary
description: Retrieves the candidate pipeline status for an open Workday job requisition and summarizes candidate stage counts for the recruiting team.
tags:
- hr
- recruiting
- workday
- reporting
capability:
exposes:
- type: mcp
namespace: recruiting
port: 8080
tools:
- name: get-requisition-pipeline
description: Given a Workday job requisition ID, return a stage-by-stage summary of candidates in the hiring pipeline including screened, interviewed, and offered counts.
inputParameters:
- name: requisition_id
in: body
type: string
description: The Workday job requisition ID.
call: workday.get-job-requisition
with:
requisitionId: '{{requisition_id}}'
outputParameters:
- name: job_title
type: string
mapping: $.jobRequisition.jobTitle
- name: total_candidates
type: number
mapping: $.jobRequisition.candidateCount
- name: open_since
type: string
mapping: $.jobRequisition.openDate
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: job-requisitions
path: /comcast/jobRequisitions/{{requisitionId}}
inputParameters:
- name: requisitionId
in: path
operations:
- name: get-job-requisition
method: GET
Retrieves the approval status and total amount of a SAP Concur expense report at Comcast.
naftiko: '0.5'
info:
label: SAP Concur Expense Status Lookup
description: Retrieves the approval status and total amount of a SAP Concur expense report at Comcast.
tags:
- finance
- expenses
- sap-concur
capability:
exposes:
- type: mcp
namespace: expense-status
port: 8080
tools:
- name: get-expense-report
description: Given a Concur expense report ID, return its status, total amount, and approver name.
inputParameters:
- name: report_id
in: body
type: string
description: SAP Concur expense report ID.
call: concur.get-report
with:
report_id: '{{report_id}}'
outputParameters:
- name: status
type: string
mapping: $.ApprovalStatusName
- name: total
type: number
mapping: $.Total
- name: approver
type: string
mapping: $.ApproverName
consumes:
- type: http
namespace: concur
baseUri: https://us.api.concursolutions.com/api/v3.0
authentication:
type: bearer
token: $secrets.concur_token
resources:
- name: reports
path: /expense/reports/{{report_id}}
inputParameters:
- name: report_id
in: path
operations:
- name: get-report
method: GET
Monitors Xfinity mobile app crash rates via Datadog, creates a Jira bug when thresholds are exceeded, and notifies the mobile engineering team via Microsoft Teams.
naftiko: '0.5'
info:
label: Xfinity App Crash Rate Monitor
description: Monitors Xfinity mobile app crash rates via Datadog, creates a Jira bug when thresholds are exceeded, and notifies the mobile engineering team via Microsoft Teams.
tags:
- mobile
- observability
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: app-crash-monitor
port: 8080
tools:
- name: handle-crash-rate-alert
description: Given a Datadog alert for app crash rate spike, create bug and notify.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: app_version
in: body
type: string
description: App version affected.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-bug
type: call
call: jira.create-issue
with:
project: MOBILE
summary: 'Crash rate spike: Xfinity app {{app_version}}'
issue_type: Bug
description: '{{get-alert.message}}'
- name: notify-mobile
type: call
call: teams.post-message
with:
channel_id: mobile-engineering
text: 'Crash rate alert: Xfinity app {{app_version}}. Jira: {{create-bug.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When an employee termination is processed in Workday, deactivates their Okta account, closes ServiceNow assignments, and logs the offboarding in Splunk.
naftiko: '0.5'
info:
label: Workday Termination Access Revocation
description: When an employee termination is processed in Workday, deactivates their Okta account, closes ServiceNow assignments, and logs the offboarding in Splunk.
tags:
- hr
- offboarding
- workday
- okta
- servicenow
- splunk
capability:
exposes:
- type: mcp
namespace: termination-sync
port: 8080
tools:
- name: process-termination
description: Given a Workday employee ID for a terminated employee, revoke all access.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday employee ID.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
employee_id: '{{employee_id}}'
- name: deactivate-okta
type: call
call: okta.deactivate-user
with:
user_email: '{{get-worker.email}}'
- name: close-assignments
type: call
call: servicenow.close-user-tickets
with:
user_email: '{{get-worker.email}}'
- name: log-offboarding
type: call
call: splunk.index-event
with:
source: hr-offboarding
event: 'Terminated: {{get-worker.name}} ({{get-worker.email}}). Okta deactivated. ServiceNow closed.'
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/comcast
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /workers/{{employee_id}}
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users/{{user_email}}/lifecycle/deactivate
operations:
- name: deactivate-user
method: POST
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: tickets
path: /table/incident
operations:
- name: close-user-tickets
method: PATCH
- type: http
namespace: splunk
baseUri: https://splunk.comcast.com:8088
authentication:
type: bearer
token: $secrets.splunk_hec_token
resources:
- name: events
path: /services/collector/event
operations:
- name: index-event
method: POST
Retrieves the latest pipeline run status for a Comcast Azure DevOps project.
naftiko: '0.5'
info:
label: Azure DevOps Pipeline Status
description: Retrieves the latest pipeline run status for a Comcast Azure DevOps project.
tags:
- cicd
- azure-devops
capability:
exposes:
- type: mcp
namespace: pipeline-status
port: 8080
tools:
- name: get-pipeline-run
description: Given an Azure DevOps project name and pipeline ID, return the latest run status and result.
inputParameters:
- name: project_name
in: body
type: string
description: Azure DevOps project name.
- name: pipeline_id
in: body
type: string
description: Pipeline ID.
call: azdo.get-run
with:
project_name: '{{project_name}}'
pipeline_id: '{{pipeline_id}}'
outputParameters:
- name: state
type: string
mapping: $.value[0].state
- name: result
type: string
mapping: $.value[0].result
consumes:
- type: http
namespace: azdo
baseUri: https://dev.azure.com/comcast
authentication:
type: basic
username: $secrets.azdo_user
password: $secrets.azdo_pat
resources:
- name: pipelines
path: /{{project_name}}/_apis/pipelines/{{pipeline_id}}/runs
inputParameters:
- name: project_name
in: path
- name: pipeline_id
in: path
operations:
- name: get-run
method: GET
Checks Jira for release readiness by verifying all stories are done, creates a Confluence release notes page, and posts the go/no-go status to Microsoft Teams.
naftiko: '0.5'
info:
label: Jira Release Readiness Checker
description: Checks Jira for release readiness by verifying all stories are done, creates a Confluence release notes page, and posts the go/no-go status to Microsoft Teams.
tags:
- release-management
- jira
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: release-readiness
port: 8080
tools:
- name: check-release-readiness
description: Given a Jira release version, verify readiness and generate release notes.
inputParameters:
- name: version_name
in: body
type: string
description: Jira fix version name.
- name: project_key
in: body
type: string
description: Jira project key.
steps:
- name: get-version-issues
type: call
call: jira.search-version-issues
with:
project: '{{project_key}}'
version: '{{version_name}}'
- name: create-release-notes
type: call
call: confluence.create-page
with:
space_key: REL
title: 'Release Notes: {{project_key}} {{version_name}}'
content: 'Total: {{get-version-issues.total}}. Done: {{get-version-issues.done}}. Open: {{get-version-issues.open}}'
- name: post-status
type: call
call: teams.post-message
with:
channel_id: release-management
text: 'Release {{version_name}}: {{get-version-issues.done}}/{{get-version-issues.total}} done. Notes: {{create-release-notes.url}}'
consumes:
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: search
path: /search
operations:
- name: search-version-issues
method: GET
- type: http
namespace: confluence
baseUri: https://comcast.atlassian.net/wiki/api/v2
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /pages
operations:
- name: create-page
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog alerts on RDS storage approaching capacity, retrieves instance details, creates a ServiceNow change request for expansion, and notifies the DBA team via Microsoft Teams.
naftiko: '0.5'
info:
label: AWS RDS Storage Capacity Handler
description: When Datadog alerts on RDS storage approaching capacity, retrieves instance details, creates a ServiceNow change request for expansion, and notifies the DBA team via Microsoft Teams.
tags:
- database
- cloud
- aws
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: rds-capacity
port: 8080
tools:
- name: handle-rds-capacity
description: Given a Datadog alert for RDS storage, initiate capacity expansion.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: db_instance
in: body
type: string
description: RDS instance identifier.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: 'RDS storage expansion: {{db_instance}}'
category: database
priority: '2'
- name: notify-dba
type: call
call: teams.post-message
with:
channel_id: dba-team
text: 'RDS storage alert: {{db_instance}}. Change: {{create-change.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Aggregates broadband speed test data from Snowflake, identifies underperforming markets, and posts the report to the network engineering Teams channel.
naftiko: '0.5'
info:
label: Broadband Speed Test Analytics Reporter
description: Aggregates broadband speed test data from Snowflake, identifies underperforming markets, and posts the report to the network engineering Teams channel.
tags:
- network
- analytics
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: speed-analytics
port: 8080
tools:
- name: generate-speed-report
description: Given a market region, generate the speed test analytics report.
inputParameters:
- name: market_region
in: body
type: string
description: Market region to analyze.
steps:
- name: get-speed-data
type: call
call: snowflake.query-speed-tests
with:
market_region: '{{market_region}}'
- name: notify-engineering
type: call
call: teams.post-message
with:
channel_id: network-engineering
text: 'Speed report: {{market_region}}. Avg download: {{get-speed-data.avg_download_mbps}} Mbps. Below-threshold: {{get-speed-data.below_threshold_pct}}%'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: query-speed-tests
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves Okta users with privileged group assignments for a quarterly access review and posts the report to SharePoint for compliance records.
naftiko: '0.5'
info:
label: Okta User Access Review
description: Retrieves Okta users with privileged group assignments for a quarterly access review and posts the report to SharePoint for compliance records.
tags:
- identity
- security
- okta
- sharepoint
- access-management
capability:
exposes:
- type: mcp
namespace: identity-ops
port: 8080
tools:
- name: run-access-review
description: Given an Okta group ID, retrieve all active group members and their application assignments, then upload the access review report to SharePoint.
inputParameters:
- name: group_id
in: body
type: string
description: The Okta group ID to review for privileged access.
- name: sharepoint_site_id
in: body
type: string
description: The SharePoint site ID where the access review report should be uploaded.
steps:
- name: get-group-members
type: call
call: okta.get-group-members
with:
groupId: '{{group_id}}'
- name: upload-report
type: call
call: sharepoint.create-file
with:
siteId: '{{sharepoint_site_id}}'
fileName: access-review-{{group_id}}.json
content: '{{get-group-members.members}}'
consumes:
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: group-members
path: /groups/{{groupId}}/users
inputParameters:
- name: groupId
in: path
operations:
- name: get-group-members
method: GET
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: files
path: /sites/{{siteId}}/drive/root/children
inputParameters:
- name: siteId
in: path
operations:
- name: create-file
method: POST
When a SAP Concur expense report violates policy, retrieves violation details, creates a Jira compliance ticket, and notifies the finance team via Microsoft Teams.
naftiko: '0.5'
info:
label: SAP Concur Policy Violation Handler
description: When a SAP Concur expense report violates policy, retrieves violation details, creates a Jira compliance ticket, and notifies the finance team via Microsoft Teams.
tags:
- finance
- compliance
- sap-concur
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: expense-compliance
port: 8080
tools:
- name: handle-policy-violation
description: Given a Concur report ID with policy violations, create tracking and notify.
inputParameters:
- name: report_id
in: body
type: string
description: SAP Concur expense report ID.
steps:
- name: get-report
type: call
call: concur.get-report
with:
report_id: '{{report_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: FIN
summary: 'Expense violation: {{get-report.employee_name}} — ${{get-report.total}}'
description: 'Violation: {{get-report.violation_reason}}'
- name: notify-finance
type: call
call: teams.post-message
with:
channel_id: finance-compliance
text: 'Expense violation: {{get-report.employee_name}} (${{get-report.total}}). Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: concur
baseUri: https://us.api.concursolutions.com/api/v3.0
authentication:
type: bearer
token: $secrets.concur_token
resources:
- name: reports
path: /expense/reports/{{report_id}}
operations:
- name: get-report
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog detects API gateway throttling, retrieves request metrics, creates a Jira capacity ticket, and alerts the API team via Microsoft Teams.
naftiko: '0.5'
info:
label: Datadog API Gateway Throttle Handler
description: When Datadog detects API gateway throttling, retrieves request metrics, creates a Jira capacity ticket, and alerts the API team via Microsoft Teams.
tags:
- api
- observability
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: api-throttle
port: 8080
tools:
- name: handle-throttle-alert
description: Given a Datadog alert for API throttling, investigate and create capacity ticket.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: api_name
in: body
type: string
description: API service name.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: API
summary: 'Throttling: {{api_name}}'
description: '{{get-alert.message}}'
- name: notify-api-team
type: call
call: teams.post-message
with:
channel_id: api-platform
text: 'API throttling: {{api_name}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
After a ServiceNow incident is resolved, extracts lessons learned and updates the Confluence runbook, then notifies the engineering team via Microsoft Teams.
naftiko: '0.5'
info:
label: Confluence Incident Runbook Updater
description: After a ServiceNow incident is resolved, extracts lessons learned and updates the Confluence runbook, then notifies the engineering team via Microsoft Teams.
tags:
- knowledge-management
- servicenow
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: runbook-ops
port: 8080
tools:
- name: update-runbook
description: Given a resolved ServiceNow incident, update the related Confluence runbook.
inputParameters:
- name: incident_number
in: body
type: string
description: ServiceNow incident number.
steps:
- name: get-incident
type: call
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
- name: update-page
type: call
call: confluence.update-page
with:
page_id: '{{get-incident.runbook_id}}'
content: 'Lessons from {{incident_number}}: {{get-incident.close_notes}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: sre-team
text: 'Runbook updated from {{incident_number}}. Page: {{get-incident.runbook_id}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident/{{incident_number}}
operations:
- name: get-incident
method: GET
- type: http
namespace: confluence
baseUri: https://comcast.atlassian.net/wiki/api/v2
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /pages/{{page_id}}
operations:
- name: update-page
method: PUT
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a Salesforce service case is escalated by a high-value subscriber, creates a ServiceNow priority ticket and notifies the enterprise support team in Microsoft Teams.
naftiko: '0.5'
info:
label: Salesforce Case Escalation Handler
description: When a Salesforce service case is escalated by a high-value subscriber, creates a ServiceNow priority ticket and notifies the enterprise support team in Microsoft Teams.
tags:
- customer-support
- crm
- salesforce
- servicenow
- microsoft-teams
- escalation
capability:
exposes:
- type: mcp
namespace: support-ops
port: 8080
tools:
- name: handle-case-escalation
description: Given a Salesforce case ID, retrieve case details and escalate to ServiceNow with a Teams notification to the enterprise support team.
inputParameters:
- name: case_id
in: body
type: string
description: The Salesforce case record ID.
steps:
- name: get-case
type: call
call: salesforce.get-case
with:
caseId: '{{case_id}}'
- name: create-snow-ticket
type: call
call: servicenow.create-incident
with:
short_description: 'Escalated case: {{get-case.Subject}}'
description: 'Salesforce Case: {{case_id}}
Account: {{get-case.AccountName}}
Description: {{get-case.Description}}'
urgency: '2'
- name: notify-enterprise-support
type: call
call: msteams.post-channel-message
with:
channelId: enterprise-support
message: 'Case escalation: {{get-case.Subject}} | Account: {{get-case.AccountName}} | ServiceNow: {{create-snow-ticket.number}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: cases
path: /sobjects/Case/{{caseId}}
inputParameters:
- name: caseId
in: path
operations:
- name: get-case
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
When a new deployment is released via GitHub Actions, creates a Datadog deployment marker to annotate the release on all monitoring dashboards.
naftiko: '0.5'
info:
label: Datadog Dashboard Annotation on Deployment
description: When a new deployment is released via GitHub Actions, creates a Datadog deployment marker to annotate the release on all monitoring dashboards.
tags:
- devops
- observability
- github
- datadog
- deployment
capability:
exposes:
- type: mcp
namespace: deployment-ops
port: 8080
tools:
- name: annotate-deployment
description: Given a GitHub repository, branch, and commit SHA, create a Datadog deployment marker to annotate dashboards at the deployment timestamp.
inputParameters:
- name: repo
in: body
type: string
description: GitHub repository name in owner/repo format.
- name: branch
in: body
type: string
description: The branch that was deployed.
- name: commit_sha
in: body
type: string
description: The git commit SHA being deployed.
- name: service_name
in: body
type: string
description: The Datadog service name to annotate.
steps:
- name: create-dd-marker
type: call
call: datadog.create-event
with:
title: 'Deployment: {{service_name}} {{commit_sha}}'
text: 'Repo: {{repo}} | Branch: {{branch}} | Commit: {{commit_sha}}'
alert_type: info
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channelId: deployments
message: 'Deployment annotated in Datadog: {{service_name}} {{commit_sha}} from {{branch}}.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Retrieves completed NPS survey responses from Salesforce and posts a weekly satisfaction summary to the customer success Teams channel.
naftiko: '0.5'
info:
label: Salesforce NPS Score Campaign Sync
description: Retrieves completed NPS survey responses from Salesforce and posts a weekly satisfaction summary to the customer success Teams channel.
tags:
- crm
- customer-success
- salesforce
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: cx-reporting
port: 8080
tools:
- name: publish-nps-digest
description: Given a date range, retrieve NPS survey results from Salesforce and post a satisfaction score summary to the customer success Teams channel.
inputParameters:
- name: start_date
in: body
type: string
description: Report start date in YYYY-MM-DD format.
- name: end_date
in: body
type: string
description: Report end date in YYYY-MM-DD format.
steps:
- name: get-nps-results
type: call
call: salesforce.get-nps-surveys
with:
startDate: '{{start_date}}'
endDate: '{{end_date}}'
- name: post-digest
type: call
call: msteams.post-channel-message
with:
channelId: customer-success
message: 'NPS digest ({{start_date}} to {{end_date}}): Score={{get-nps-results.npsScore}}, Promoters={{get-nps-results.promoters}}, Detractors={{get-nps-results.detractors}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: nps-surveys
path: /query
inputParameters:
- name: startDate
in: query
- name: endDate
in: query
operations:
- name: get-nps-surveys
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Retrieves details of a CrowdStrike endpoint detection including severity, tactic, and affected hostname.
naftiko: '0.5'
info:
label: CrowdStrike Endpoint Detection Lookup
description: Retrieves details of a CrowdStrike endpoint detection including severity, tactic, and affected hostname.
tags:
- security
- endpoint
- crowdstrike
capability:
exposes:
- type: mcp
namespace: endpoint-detections
port: 8080
tools:
- name: get-detection
description: Given a CrowdStrike detection ID, return the severity, tactic, technique, and hostname.
inputParameters:
- name: detection_id
in: body
type: string
description: CrowdStrike detection ID.
call: crowdstrike.get-detection
with:
detection_id: '{{detection_id}}'
outputParameters:
- name: severity
type: string
mapping: $.resources[0].severity
- name: tactic
type: string
mapping: $.resources[0].tactic
- name: hostname
type: string
mapping: $.resources[0].hostname
consumes:
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: detections
path: /detects/entities/summaries/GET/v1
operations:
- name: get-detection
method: POST
When CrowdStrike detects ransomware activity, isolates the affected endpoint, creates a ServiceNow P1 security incident, and alerts the SOC and CISO via Microsoft Teams.
naftiko: '0.5'
info:
label: CrowdStrike Ransomware Containment
description: When CrowdStrike detects ransomware activity, isolates the affected endpoint, creates a ServiceNow P1 security incident, and alerts the SOC and CISO via Microsoft Teams.
tags:
- security
- ransomware
- crowdstrike
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ransomware-response
port: 8080
tools:
- name: contain-ransomware
description: Given a CrowdStrike detection ID, contain the ransomware and escalate.
inputParameters:
- name: detection_id
in: body
type: string
description: CrowdStrike detection ID.
steps:
- name: get-detection
type: call
call: crowdstrike.get-detection
with:
detection_id: '{{detection_id}}'
- name: isolate-host
type: call
call: crowdstrike.contain-host
with:
host_id: '{{get-detection.host_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Ransomware: {{get-detection.malware_family}} on {{get-detection.hostname}}'
urgency: '1'
impact: '1'
- name: alert-soc
type: call
call: teams.post-message
with:
channel_id: soc-critical
text: 'RANSOMWARE: {{get-detection.hostname}} isolated. Family: {{get-detection.malware_family}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: detections
path: /detects/entities/summaries/GET/v1
operations:
- name: get-detection
method: POST
- name: hosts
path: /hosts/entities/host-actions/v1
operations:
- name: contain-host
method: POST
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
On a protected-branch GitHub Actions failure, creates a Jira bug, posts an alert to the engineering Teams channel, and logs an event in Datadog.
naftiko: '0.5'
info:
label: GitHub Actions Pipeline Failure Handler
description: On a protected-branch GitHub Actions failure, creates a Jira bug, posts an alert to the engineering Teams channel, and logs an event in Datadog.
tags:
- devops
- cicd
- github
- jira
- datadog
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: devops-cicd
port: 8080
tools:
- name: handle-pipeline-failure
description: Given a GitHub Actions workflow failure, create a Jira bug, send a Datadog event marker, and alert the engineering Teams channel.
inputParameters:
- name: repo
in: body
type: string
description: GitHub repository in owner/repo format.
- name: workflow_name
in: body
type: string
description: The name of the failed GitHub Actions workflow.
- name: branch
in: body
type: string
description: The branch on which the failure occurred.
- name: run_id
in: body
type: string
description: The GitHub Actions workflow run ID.
steps:
- name: get-run-details
type: call
call: github.get-workflow-run
with:
repo: '{{repo}}'
run_id: '{{run_id}}'
- name: create-jira-bug
type: call
call: jira.create-issue
with:
projectKey: ENG
issuetype: Bug
summary: '[CI Failure] {{repo}} / {{branch}} — {{workflow_name}}'
description: 'Run: {{run_id}}
Conclusion: {{get-run-details.conclusion}}'
- name: log-datadog
type: call
call: datadog.create-event
with:
title: 'CI Failure: {{repo}} {{workflow_name}}'
text: 'Branch: {{branch}}, Run: {{run_id}}'
alert_type: error
- name: alert-team
type: call
call: msteams.post-channel-message
with:
channelId: engineering-alerts
message: 'CI Failure: {{repo}} | Branch: {{branch}} | Workflow: {{workflow_name}} | Jira: {{create-jira-bug.key}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /repos/{{repo}}/actions/runs/{{run_id}}
inputParameters:
- name: repo
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Monitors subscriber data quality in Snowflake, identifies anomalies, creates Jira tickets for the data team, and posts alerts to the data-ops Teams channel.
naftiko: '0.5'
info:
label: Snowflake Subscriber Data Quality Monitor
description: Monitors subscriber data quality in Snowflake, identifies anomalies, creates Jira tickets for the data team, and posts alerts to the data-ops Teams channel.
tags:
- data-quality
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: check-data-quality
description: Given a Snowflake table name, run quality checks and report anomalies.
inputParameters:
- name: table_name
in: body
type: string
description: Snowflake table name.
steps:
- name: run-checks
type: call
call: snowflake.run-quality-checks
with:
table_name: '{{table_name}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: DATA
summary: 'Data quality: {{table_name}} — {{run-checks.anomaly_count}} anomalies'
description: 'Null rate: {{run-checks.null_rate}}%. Duplicate rate: {{run-checks.duplicate_rate}}%'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: data-ops
text: 'Data quality: {{table_name}}. {{run-checks.anomaly_count}} anomalies. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: run-quality-checks
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog detects database connection pool exhaustion, retrieves metrics, creates a ServiceNow incident, and notifies the DBA team via Microsoft Teams.
naftiko: '0.5'
info:
label: Datadog Database Connection Pool Alert
description: When Datadog detects database connection pool exhaustion, retrieves metrics, creates a ServiceNow incident, and notifies the DBA team via Microsoft Teams.
tags:
- database
- observability
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: db-pool-alert
port: 8080
tools:
- name: handle-pool-exhaustion
description: Given a Datadog alert for connection pool issues, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: db_host
in: body
type: string
description: Database hostname.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'DB pool exhaustion: {{db_host}}'
urgency: '2'
description: '{{get-alert.message}}'
- name: notify-dba
type: call
call: teams.post-message
with:
channel_id: dba-team
text: 'DB pool alert: {{db_host}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves an employee profile from Workday including job title, department, manager name, and hire date.
naftiko: '0.5'
info:
label: Workday Employee Profile Lookup
description: Retrieves an employee profile from Workday including job title, department, manager name, and hire date.
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: employee-profiles
port: 8080
tools:
- name: get-employee-profile
description: Given a Workday employee ID, return the employee profile details.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday employee ID.
call: workday.get-worker
with:
employee_id: '{{employee_id}}'
outputParameters:
- name: job_title
type: string
mapping: $.jobTitle
- name: department
type: string
mapping: $.department
- name: manager
type: string
mapping: $.manager
- name: hire_date
type: string
mapping: $.hireDate
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/comcast
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /workers/{{employee_id}}
inputParameters:
- name: employee_id
in: path
operations:
- name: get-worker
method: GET
Coordinates bulk DOCSIS modem firmware upgrades by verifying compatibility, creating a ServiceNow change request, and scheduling the maintenance window via PagerDuty.
naftiko: '0.5'
info:
label: DOCSIS Modem Firmware Upgrade Coordinator
description: Coordinates bulk DOCSIS modem firmware upgrades by verifying compatibility, creating a ServiceNow change request, and scheduling the maintenance window via PagerDuty.
tags:
- network
- cable
- firmware
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: modem-firmware
port: 8080
tools:
- name: coordinate-modem-upgrade
description: Given a modem model and target firmware version, coordinate the upgrade across affected devices.
inputParameters:
- name: modem_model
in: body
type: string
description: DOCSIS modem model identifier.
- name: target_firmware
in: body
type: string
description: Target firmware version.
steps:
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: 'DOCSIS firmware upgrade: {{modem_model}} to {{target_firmware}}'
category: network
priority: '3'
- name: schedule-maintenance
type: call
call: pagerduty.create-maintenance-window
with:
service_id: cable-network-ops
description: 'Modem firmware: {{modem_model}} — CHG: {{create-change.number}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: maintenance
path: /maintenance_windows
operations:
- name: create-maintenance-window
method: POST
Detects infrastructure drift in Terraform Cloud, creates a Jira ticket, triggers a remediation run, and notifies the platform team via Microsoft Teams.
naftiko: '0.5'
info:
label: Terraform Infrastructure Drift Remediator
description: Detects infrastructure drift in Terraform Cloud, creates a Jira ticket, triggers a remediation run, and notifies the platform team via Microsoft Teams.
tags:
- infrastructure
- terraform
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: drift-remediation
port: 8080
tools:
- name: remediate-drift
description: Given a Terraform workspace with drift, initiate remediation.
inputParameters:
- name: workspace_name
in: body
type: string
description: Terraform workspace name.
- name: drift_summary
in: body
type: string
description: Summary of detected drift.
steps:
- name: get-workspace
type: call
call: terraform.get-workspace
with:
workspace_name: '{{workspace_name}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: INFRA
summary: 'Drift: {{workspace_name}}'
description: '{{drift_summary}}'
- name: trigger-run
type: call
call: terraform.create-run
with:
workspace_id: '{{get-workspace.id}}'
message: Drift fix — {{create-ticket.key}}
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: platform-engineering
text: 'Drift: {{workspace_name}}. Jira: {{create-ticket.key}}. Run: {{trigger-run.id}}'
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: workspaces
path: /organizations/comcast/workspaces/{{workspace_name}}
operations:
- name: get-workspace
method: GET
- name: runs
path: /runs
operations:
- name: create-run
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves the current sprint status and issue breakdown for a Comcast engineering Jira project.
naftiko: '0.5'
info:
label: Jira Project Status Lookup
description: Retrieves the current sprint status and issue breakdown for a Comcast engineering Jira project.
tags:
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: project-status
port: 8080
tools:
- name: get-project-status
description: Given a Jira project key, return the active sprint name, total issues, and done count.
inputParameters:
- name: project_key
in: body
type: string
description: Jira project key (e.g., XFIN, STREAM).
call: jira.get-board-sprint
with:
project_key: '{{project_key}}'
outputParameters:
- name: sprint_name
type: string
mapping: $.values[0].name
- name: total_issues
type: number
mapping: $.values[0].total
- name: done_count
type: number
mapping: $.values[0].done
consumes:
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/agile/1.0
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: sprints
path: /board/{{project_key}}/sprint
inputParameters:
- name: project_key
in: path
operations:
- name: get-board-sprint
method: GET
When Splunk detects a log volume anomaly exceeding a threshold, creates a Jira bug for the owning team and posts an alert to the engineering Teams channel.
naftiko: '0.5'
info:
label: Splunk Log Anomaly to Jira
description: When Splunk detects a log volume anomaly exceeding a threshold, creates a Jira bug for the owning team and posts an alert to the engineering Teams channel.
tags:
- observability
- devops
- splunk
- jira
- microsoft-teams
- monitoring
capability:
exposes:
- type: mcp
namespace: log-monitoring
port: 8080
tools:
- name: handle-log-anomaly
description: Given a Splunk alert and affected service name, create a Jira bug and notify the engineering Teams channel with log anomaly details.
inputParameters:
- name: service_name
in: body
type: string
description: The service or application generating the anomalous log volume.
- name: alert_count
in: body
type: integer
description: Number of error events detected in the anomaly window.
- name: time_window
in: body
type: string
description: The time window of the anomaly, e.g. last 15 minutes.
steps:
- name: create-jira-bug
type: call
call: jira.create-issue
with:
projectKey: OPS
issuetype: Bug
summary: 'Log anomaly: {{service_name}} — {{alert_count}} errors in {{time_window}}'
description: 'Service: {{service_name}}
Error count: {{alert_count}}
Window: {{time_window}}'
- name: alert-engineering
type: call
call: msteams.post-channel-message
with:
channelId: engineering-alerts
message: 'Splunk anomaly: {{service_name}} — {{alert_count}} errors in {{time_window}} | Jira: {{create-jira-bug.key}}'
consumes:
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
When a new hire record appears in Workday, provisions Okta account, creates a ServiceNow equipment request, and notifies the hiring manager via Microsoft Teams.
naftiko: '0.5'
info:
label: Workday New Hire IT Provisioning
description: When a new hire record appears in Workday, provisions Okta account, creates a ServiceNow equipment request, and notifies the hiring manager via Microsoft Teams.
tags:
- hr
- onboarding
- workday
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hire-provisioning
port: 8080
tools:
- name: provision-new-hire
description: Given a Workday employee ID for a new hire, provision IT resources.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday employee ID.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
employee_id: '{{employee_id}}'
- name: create-okta-user
type: call
call: okta.create-user
with:
email: '{{get-worker.email}}'
first_name: '{{get-worker.first_name}}'
last_name: '{{get-worker.last_name}}'
department: '{{get-worker.department}}'
- name: create-equipment-request
type: call
call: servicenow.create-request
with:
short_description: 'New hire equipment: {{get-worker.name}}'
description: 'Department: {{get-worker.department}}. Start date: {{get-worker.start_date}}'
- name: notify-manager
type: call
call: teams.post-message
with:
channel_id: hr-onboarding
text: 'IT provisioned for {{get-worker.name}}: Okta created, equipment requested ({{create-equipment-request.number}}).'
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/comcast
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /workers/{{employee_id}}
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users
operations:
- name: create-user
method: POST
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: requests
path: /table/sc_request
operations:
- name: create-request
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves Comcast subscriber account details from Salesforce Service Cloud given an account number, returning service tier, billing status, and open cases.
naftiko: '0.5'
info:
label: Customer Subscriber Lookup
description: Retrieves Comcast subscriber account details from Salesforce Service Cloud given an account number, returning service tier, billing status, and open cases.
tags:
- crm
- customer-support
- salesforce
capability:
exposes:
- type: mcp
namespace: subscriber-ops
port: 8080
tools:
- name: get-subscriber-account
description: Given a Comcast subscriber account number, retrieve account details including service tier, billing status, equipment, and open support cases from Salesforce Service Cloud.
inputParameters:
- name: account_number
in: body
type: string
description: The Comcast customer account number.
call: salesforce.get-account
with:
accountNumber: '{{account_number}}'
outputParameters:
- name: account_id
type: string
mapping: $.records[0].Id
- name: subscriber_name
type: string
mapping: $.records[0].Name
- name: service_tier
type: string
mapping: $.records[0].ServiceTier__c
- name: billing_status
type: string
mapping: $.records[0].BillingStatus__c
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /query
inputParameters:
- name: accountNumber
in: query
operations:
- name: get-account
method: GET
Retrieves full incident details including priority, assigned group, and resolution notes from ServiceNow.
naftiko: '0.5'
info:
label: ServiceNow Incident Detail Lookup
description: Retrieves full incident details including priority, assigned group, and resolution notes from ServiceNow.
tags:
- itsm
- servicenow
capability:
exposes:
- type: mcp
namespace: incident-details
port: 8080
tools:
- name: get-incident-detail
description: Given a ServiceNow incident number, return priority, assigned group, state, and resolution notes.
inputParameters:
- name: incident_number
in: body
type: string
description: ServiceNow incident number.
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
outputParameters:
- name: priority
type: string
mapping: $.result.priority
- name: assigned_to
type: string
mapping: $.result.assigned_to
- name: state
type: string
mapping: $.result.state
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident/{{incident_number}}
inputParameters:
- name: incident_number
in: path
operations:
- name: get-incident
method: GET
Returns the current paid time-off and vacation accrual balances for a Comcast employee from Workday, for use in absence planning.
naftiko: '0.5'
info:
label: Workday Time-Off Balance Lookup
description: Returns the current paid time-off and vacation accrual balances for a Comcast employee from Workday, for use in absence planning.
tags:
- hr
- workday
- absence-management
capability:
exposes:
- type: mcp
namespace: hr-absence
port: 8080
tools:
- name: get-time-off-balance
description: Given a Workday employee ID, return current accrued vacation, PTO, and sick leave balances. Use when an employee or manager needs to verify available time before approving an absence request.
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday worker ID.
call: workday.get-leave-balance
with:
worker_id: '{{employee_id}}'
outputParameters:
- name: vacation_days
type: number
mapping: $.leaveBalances.vacation
- name: pto_days
type: number
mapping: $.leaveBalances.pto
- name: sick_days
type: number
mapping: $.leaveBalances.sick
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: leave-balances
path: /comcast/workers/{{worker_id}}/leaveBalance
inputParameters:
- name: worker_id
in: path
operations:
- name: get-leave-balance
method: GET
Runs data quality checks against Snowflake production tables and creates ServiceNow incidents for any datasets that fail freshness or completeness thresholds.
naftiko: '0.5'
info:
label: Snowflake Data Quality Monitor
description: Runs data quality checks against Snowflake production tables and creates ServiceNow incidents for any datasets that fail freshness or completeness thresholds.
tags:
- data
- analytics
- snowflake
- servicenow
- data-quality
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: check-data-quality
description: Given a Snowflake table name and freshness threshold, validate table row count and last updated timestamp, and open a ServiceNow ticket if quality checks fail.
inputParameters:
- name: table_name
in: body
type: string
description: Fully qualified Snowflake table name in DATABASE.SCHEMA.TABLE format.
- name: freshness_hours
in: body
type: integer
description: Maximum acceptable age in hours for the table's data.
steps:
- name: get-table-metadata
type: call
call: snowflake.get-table-info
with:
tableName: '{{table_name}}'
- name: create-dq-ticket
type: call
call: servicenow.create-incident
with:
short_description: 'Data quality failure: {{table_name}}'
category: data_pipeline
description: 'Table {{table_name}} failed freshness check. Last updated: {{get-table-metadata.last_altered}}. Required: within {{freshness_hours}} hours.'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: tables
path: /databases/tables
inputParameters:
- name: tableName
in: query
operations:
- name: get-table-info
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
Retrieves the status and configuration summary of a CloudFront CDN distribution used for Comcast content delivery.
naftiko: '0.5'
info:
label: AWS CloudFront Distribution Status
description: Retrieves the status and configuration summary of a CloudFront CDN distribution used for Comcast content delivery.
tags:
- cdn
- cloud
- aws
capability:
exposes:
- type: mcp
namespace: cdn-status
port: 8080
tools:
- name: get-distribution-status
description: Given a CloudFront distribution ID, return its status and domain name.
inputParameters:
- name: distribution_id
in: body
type: string
description: CloudFront distribution ID.
call: cloudfront.get-distribution
with:
distribution_id: '{{distribution_id}}'
outputParameters:
- name: status
type: string
mapping: $.Distribution.Status
- name: domain_name
type: string
mapping: $.Distribution.DomainName
consumes:
- type: http
namespace: cloudfront
baseUri: https://cloudfront.amazonaws.com/2020-05-31
authentication:
type: apikey
key: Authorization
value: $secrets.aws_auth_token
placement: header
resources:
- name: distributions
path: /distribution/{{distribution_id}}
inputParameters:
- name: distribution_id
in: path
operations:
- name: get-distribution
method: GET
When a ServiceNow incident SLA is about to breach, escalates via PagerDuty, updates the incident priority, and notifies management via Microsoft Teams.
naftiko: '0.5'
info:
label: ServiceNow SLA Breach Escalation
description: When a ServiceNow incident SLA is about to breach, escalates via PagerDuty, updates the incident priority, and notifies management via Microsoft Teams.
tags:
- itsm
- sla
- servicenow
- pagerduty
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: sla-escalation
port: 8080
tools:
- name: escalate-sla-breach
description: Given a ServiceNow incident nearing SLA breach, escalate and notify.
inputParameters:
- name: incident_number
in: body
type: string
description: ServiceNow incident number.
- name: minutes_remaining
in: body
type: number
description: Minutes until SLA breach.
steps:
- name: get-incident
type: call
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: itsm-escalation
title: 'SLA breach: {{incident_number}} in {{minutes_remaining}} min'
urgency: high
- name: notify-management
type: call
call: teams.post-message
with:
channel_id: it-management
text: 'SLA breach imminent: {{incident_number}} — {{get-incident.short_description}}. {{minutes_remaining}} min remaining.'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident/{{incident_number}}
operations:
- name: get-incident
method: GET
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Looks up the current on-call engineer for a specified PagerDuty escalation policy at Comcast.
naftiko: '0.5'
info:
label: PagerDuty On-Call Engineer Lookup
description: Looks up the current on-call engineer for a specified PagerDuty escalation policy at Comcast.
tags:
- incident-management
- pagerduty
capability:
exposes:
- type: mcp
namespace: oncall-lookup
port: 8080
tools:
- name: get-oncall
description: Given a PagerDuty escalation policy ID, return the current on-call engineer name and contact.
inputParameters:
- name: policy_id
in: body
type: string
description: PagerDuty escalation policy ID.
call: pagerduty.get-oncall
with:
policy_id: '{{policy_id}}'
outputParameters:
- name: engineer_name
type: string
mapping: $.oncalls[0].user.name
- name: email
type: string
mapping: $.oncalls[0].user.email
consumes:
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: oncalls
path: /oncalls
inputParameters:
- name: policy_id
in: query
operations:
- name: get-oncall
method: GET
Scans GitHub Dependabot alerts for critical vulnerabilities across Comcast repositories, creates Jira security tickets, and notifies the security team in Teams.
naftiko: '0.5'
info:
label: GitHub Security Vulnerability Triage
description: Scans GitHub Dependabot alerts for critical vulnerabilities across Comcast repositories, creates Jira security tickets, and notifies the security team in Teams.
tags:
- security
- devops
- github
- jira
- microsoft-teams
- vulnerability-management
capability:
exposes:
- type: mcp
namespace: security-ops
port: 8080
tools:
- name: triage-vulnerability-alerts
description: Given a GitHub repository, retrieve critical Dependabot alerts, create Jira security tickets, and post a summary to the security Teams channel.
inputParameters:
- name: repo
in: body
type: string
description: GitHub repository in owner/repo format.
steps:
- name: get-alerts
type: call
call: github.get-dependabot-alerts
with:
repo: '{{repo}}'
severity: critical
- name: create-security-ticket
type: call
call: jira.create-issue
with:
projectKey: SEC
issuetype: Security
summary: 'Critical vulnerability: {{get-alerts.advisory_summary}}'
description: 'Package: {{get-alerts.package_name}}
CVSS: {{get-alerts.cvss_score}}
Repo: {{repo}}'
- name: notify-security
type: call
call: msteams.post-channel-message
with:
channelId: security-team
message: 'Critical vulnerability in {{repo}}: {{get-alerts.advisory_summary}} | Jira: {{create-security-ticket.key}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: dependabot-alerts
path: /repos/{{repo}}/dependabot/alerts
inputParameters:
- name: repo
in: path
- name: severity
in: query
operations:
- name: get-dependabot-alerts
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Retrieves unestimated and stale Jira backlog items for a project and posts a grooming reminder digest to the product team's Teams channel.
naftiko: '0.5'
info:
label: Jira Backlog Grooming Report
description: Retrieves unestimated and stale Jira backlog items for a project and posts a grooming reminder digest to the product team's Teams channel.
tags:
- devops
- engineering
- jira
- microsoft-teams
- backlog-management
capability:
exposes:
- type: mcp
namespace: backlog-ops
port: 8080
tools:
- name: digest-backlog-health
description: Given a Jira project key, retrieve unestimated and stale backlog issues older than 30 days and post a grooming summary to the product team's Teams channel.
inputParameters:
- name: project_key
in: body
type: string
description: The Jira project key, e.g. XFIN.
steps:
- name: get-stale-issues
type: call
call: jira.search-issues
with:
jql: project={{project_key}} AND status=Backlog AND created<=-30d AND storyPoints is EMPTY
- name: post-reminder
type: call
call: msteams.post-channel-message
with:
channelId: product-team
message: 'Backlog health for {{project_key}}: {{get-stale-issues.total}} unestimated or stale issues need grooming. Oldest: {{get-stale-issues.oldest_issue}}.'
consumes:
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /search
inputParameters:
- name: jql
in: query
operations:
- name: search-issues
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
When AWS Cost Anomaly Detection identifies an unexpected spend spike, creates a ServiceNow ticket and alerts the FinOps team in Microsoft Teams.
naftiko: '0.5'
info:
label: AWS Cost Anomaly Alert Handler
description: When AWS Cost Anomaly Detection identifies an unexpected spend spike, creates a ServiceNow ticket and alerts the FinOps team in Microsoft Teams.
tags:
- cloud
- finops
- aws
- servicenow
- microsoft-teams
- cost-management
capability:
exposes:
- type: mcp
namespace: cloud-finops
port: 8080
tools:
- name: handle-aws-cost-anomaly
description: Given an AWS account ID, anomalous spend amount, and service name, create a ServiceNow cost ticket and alert the FinOps team in Teams.
inputParameters:
- name: aws_account_id
in: body
type: string
description: The AWS account ID where the anomaly occurred.
- name: anomaly_amount
in: body
type: number
description: The anomalous incremental spend in USD.
- name: aws_service
in: body
type: string
description: The AWS service responsible for the spend spike, e.g. EC2, S3.
steps:
- name: get-cost-details
type: call
call: aws-cost.get-anomalies
with:
accountId: '{{aws_account_id}}'
service: '{{aws_service}}'
- name: create-ticket
type: call
call: servicenow.create-incident
with:
short_description: 'AWS cost anomaly: {{aws_service}} in account {{aws_account_id}} +${{anomaly_amount}}'
category: cloud_cost
urgency: '2'
- name: alert-finops
type: call
call: msteams.post-channel-message
with:
channelId: finops-team
message: 'AWS cost spike: {{aws_service}} in {{aws_account_id}} +${{anomaly_amount}} | ServiceNow: {{create-ticket.number}}'
consumes:
- type: http
namespace: aws-cost
baseUri: https://ce.us-east-1.amazonaws.com
authentication:
type: bearer
token: $secrets.aws_token
resources:
- name: anomalies
path: /GetAnomalies
operations:
- name: get-anomalies
method: POST
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
When an Xfinity Mobile order is placed, provisions the SIM in the carrier system, updates Salesforce, and sends activation confirmation via the messaging platform.
naftiko: '0.5'
info:
label: Xfinity Mobile Provisioning Orchestrator
description: When an Xfinity Mobile order is placed, provisions the SIM in the carrier system, updates Salesforce, and sends activation confirmation via the messaging platform.
tags:
- mobile
- provisioning
- salesforce
- servicenow
capability:
exposes:
- type: mcp
namespace: mobile-provisioning
port: 8080
tools:
- name: provision-mobile-line
description: Given a Salesforce order ID for Xfinity Mobile, provision and activate the line.
inputParameters:
- name: order_id
in: body
type: string
description: Salesforce mobile order ID.
steps:
- name: get-order
type: call
call: salesforce.get-order
with:
order_id: '{{order_id}}'
- name: create-work-order
type: call
call: servicenow.create-work-order
with:
short_description: 'Mobile activation: {{order_id}}'
description: 'Customer: {{get-order.customer_name}}. Plan: {{get-order.plan_name}}'
- name: update-order
type: call
call: salesforce.update-order-status
with:
order_id: '{{order_id}}'
status: Provisioned
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: orders
path: /sobjects/Order/{{order_id}}
operations:
- name: get-order
method: GET
- name: update-order-status
method: PATCH
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: work-orders
path: /table/wm_order
operations:
- name: create-work-order
method: POST
Returns current payroll headcount grouped by department and pay grade from Workday for finance and HR reporting.
naftiko: '0.5'
info:
label: Workday Payroll Headcount Export
description: Returns current payroll headcount grouped by department and pay grade from Workday for finance and HR reporting.
tags:
- hr
- finance
- workday
- payroll
- reporting
capability:
exposes:
- type: mcp
namespace: payroll-reporting
port: 8080
tools:
- name: get-payroll-headcount
description: Returns active employees grouped by department and pay grade from Workday payroll. Use for headcount reporting, period close, and compensation analysis.
call: workday.get-payroll-results
outputParameters:
- name: total_gross_pay
type: number
mapping: $.totals.grossPay
- name: total_employees
type: number
mapping: $.totals.headcount
- name: period
type: string
mapping: $.payPeriod
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: payroll-results
path: /comcast/payrollResults
operations:
- name: get-payroll-results
method: GET
Queries Splunk for security events matching a given source IP or user, and posts the event summary to the security operations Teams channel for investigation.
naftiko: '0.5'
info:
label: Splunk Security Event Investigation
description: Queries Splunk for security events matching a given source IP or user, and posts the event summary to the security operations Teams channel for investigation.
tags:
- security
- observability
- splunk
- microsoft-teams
- investigation
capability:
exposes:
- type: mcp
namespace: security-investigation
port: 8080
tools:
- name: investigate-security-event
description: Given a source IP address or username, query Splunk for recent security events and post a summary of findings to the security operations Teams channel.
inputParameters:
- name: search_term
in: body
type: string
description: The IP address or username to search for in Splunk security events.
- name: lookback_hours
in: body
type: integer
description: Number of hours to look back in Splunk for events.
steps:
- name: search-splunk
type: call
call: splunk.run-search
with:
search: index=security (src_ip={{search_term}} OR user={{search_term}}) earliest=-{{lookback_hours}}h
- name: post-findings
type: call
call: msteams.post-channel-message
with:
channelId: security-operations
message: 'Security investigation for {{search_term}} (last {{lookback_hours}}h): {{search-splunk.event_count}} events found. Top events: {{search-splunk.top_events}}'
consumes:
- type: http
namespace: splunk
baseUri: https://splunk.comcast.com:8089
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: search-jobs
path: /services/search/jobs
operations:
- name: run-search
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Coordinates subscriber equipment swaps by updating the Salesforce account, creating a ServiceNow work order, and notifying the logistics team via Microsoft Teams.
naftiko: '0.5'
info:
label: Subscriber Equipment Swap Orchestrator
description: Coordinates subscriber equipment swaps by updating the Salesforce account, creating a ServiceNow work order, and notifying the logistics team via Microsoft Teams.
tags:
- customer-support
- equipment
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: equipment-swap
port: 8080
tools:
- name: process-equipment-swap
description: Given a subscriber account and new equipment serial, orchestrate the equipment swap.
inputParameters:
- name: account_id
in: body
type: string
description: Subscriber account ID.
- name: new_serial
in: body
type: string
description: New equipment serial number.
steps:
- name: update-account
type: call
call: salesforce.update-equipment
with:
account_id: '{{account_id}}'
serial: '{{new_serial}}'
- name: create-work-order
type: call
call: servicenow.create-work-order
with:
short_description: 'Equipment swap: account {{account_id}}'
description: 'New serial: {{new_serial}}'
- name: notify-logistics
type: call
call: teams.post-message
with:
channel_id: logistics
text: 'Equipment swap: {{account_id}} → {{new_serial}}. WO: {{create-work-order.number}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
operations:
- name: update-equipment
method: PATCH
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: work-orders
path: /table/wm_order
operations:
- name: create-work-order
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Monitors video transcoding pipeline health in Datadog, creates a Jira ticket when failure rates spike, and alerts the media engineering team via Microsoft Teams.
naftiko: '0.5'
info:
label: Video Transcoding Pipeline Monitor
description: Monitors video transcoding pipeline health in Datadog, creates a Jira ticket when failure rates spike, and alerts the media engineering team via Microsoft Teams.
tags:
- media
- transcoding
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: transcoding-ops
port: 8080
tools:
- name: handle-transcoding-alert
description: Given a Datadog alert for transcoding failures, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: MEDIA
summary: 'Transcoding failures: {{get-alert.name}}'
description: '{{get-alert.message}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: media-engineering
text: 'Transcoding alert: {{get-alert.name}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a network outage alert fires in Datadog, creates a ServiceNow P1 incident, posts to the NOC Teams channel, and logs the event in Splunk.
naftiko: '0.5'
info:
label: Network Outage Incident Response
description: When a network outage alert fires in Datadog, creates a ServiceNow P1 incident, posts to the NOC Teams channel, and logs the event in Splunk.
tags:
- itsm
- observability
- datadog
- servicenow
- splunk
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: noc-ops
port: 8080
tools:
- name: handle-network-outage
description: Given a Datadog monitor alert for a network outage, create a ServiceNow P1 incident, send a NOC channel alert in Teams, and index the event in Splunk.
inputParameters:
- name: monitor_id
in: body
type: string
description: The Datadog monitor ID that triggered the alert.
- name: affected_region
in: body
type: string
description: Geographic region or network segment affected by the outage.
- name: alert_message
in: body
type: string
description: The alert message text from Datadog.
steps:
- name: get-monitor
type: call
call: datadog.get-monitor
with:
monitor_id: '{{monitor_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Network outage: {{affected_region}}'
description: '{{alert_message}}
Monitor: {{monitor_id}}
State: {{get-monitor.overall_state}}'
urgency: '1'
impact: '1'
- name: alert-noc
type: call
call: msteams.post-channel-message
with:
channelId: noc-alerts
message: 'P1 Outage: {{affected_region}} | Monitor: {{monitor_id}} | ServiceNow: {{create-incident.number}} | {{alert_message}}'
- name: log-splunk
type: call
call: splunk.index-event
with:
source: datadog-alert
event: 'Network outage detected in {{affected_region}}: {{alert_message}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: monitors
path: /monitor/{{monitor_id}}
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
- type: http
namespace: splunk
baseUri: https://splunk.comcast.com:8088
authentication:
type: bearer
token: $secrets.splunk_hec_token
resources:
- name: events
path: /services/collector/event
operations:
- name: index-event
method: POST
Identifies expiring enterprise contracts in Salesforce, creates Jira renewal tasks, and notifies account managers via Microsoft Teams.
naftiko: '0.5'
info:
label: Salesforce Contract Renewal Workflow
description: Identifies expiring enterprise contracts in Salesforce, creates Jira renewal tasks, and notifies account managers via Microsoft Teams.
tags:
- sales
- contracts
- salesforce
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: contract-renewal
port: 8080
tools:
- name: process-renewal
description: Given a Salesforce contract ID nearing expiry, initiate the renewal workflow.
inputParameters:
- name: contract_id
in: body
type: string
description: Salesforce contract ID.
steps:
- name: get-contract
type: call
call: salesforce.get-contract
with:
contract_id: '{{contract_id}}'
- name: create-task
type: call
call: jira.create-issue
with:
project: SALES
summary: 'Renewal: {{get-contract.account_name}} — {{get-contract.end_date}}'
description: 'Annual value: ${{get-contract.annual_value}}'
- name: notify-am
type: call
call: teams.post-message
with:
channel_id: account-management
text: 'Renewal due: {{get-contract.account_name}}. Expires: {{get-contract.end_date}}. Value: ${{get-contract.annual_value}}. Jira: {{create-task.key}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: contracts
path: /sobjects/Contract/{{contract_id}}
operations:
- name: get-contract
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves the current Xfinity service tier, bundle details, and contract end date for a subscriber from Salesforce.
naftiko: '0.5'
info:
label: Salesforce Subscriber Service Tier Lookup
description: Retrieves the current Xfinity service tier, bundle details, and contract end date for a subscriber from Salesforce.
tags:
- crm
- subscriber
- salesforce
capability:
exposes:
- type: mcp
namespace: subscriber-tiers
port: 8080
tools:
- name: get-service-tier
description: Given a Comcast subscriber account ID, return service tier, bundle name, and contract end date.
inputParameters:
- name: account_id
in: body
type: string
description: Comcast subscriber account ID.
call: salesforce.get-subscriber
with:
account_id: '{{account_id}}'
outputParameters:
- name: service_tier
type: string
mapping: $.records[0].ServiceTier__c
- name: bundle_name
type: string
mapping: $.records[0].BundleName__c
- name: contract_end
type: string
mapping: $.records[0].ContractEnd__c
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /query
inputParameters:
- name: account_id
in: query
operations:
- name: get-subscriber
method: GET
Refreshes the subscriber analytics Power BI dashboard, verifies completion, and posts the status to the analytics Teams channel.
naftiko: '0.5'
info:
label: Power BI Subscriber Dashboard Auto-Refresh
description: Refreshes the subscriber analytics Power BI dashboard, verifies completion, and posts the status to the analytics Teams channel.
tags:
- analytics
- dashboards
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: dashboard-refresh
port: 8080
tools:
- name: refresh-subscriber-dashboard
description: Given a Power BI dataset ID, trigger refresh and report status.
inputParameters:
- name: dataset_id
in: body
type: string
description: Power BI dataset ID.
steps:
- name: trigger-refresh
type: call
call: powerbi.trigger-refresh
with:
dataset_id: '{{dataset_id}}'
- name: notify-analytics
type: call
call: teams.post-message
with:
channel_id: analytics-team
text: 'Subscriber dashboard refreshed. Dataset: {{dataset_id}}'
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /datasets/{{dataset_id}}/refreshes
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves subscriber usage patterns from Snowflake, identifies high-risk churn accounts in Salesforce, and creates a retention campaign task for the account team.
naftiko: '0.5'
info:
label: Customer Churn Prediction Workflow
description: Retrieves subscriber usage patterns from Snowflake, identifies high-risk churn accounts in Salesforce, and creates a retention campaign task for the account team.
tags:
- crm
- analytics
- churn
- snowflake
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: churn-prediction
port: 8080
tools:
- name: process-churn-risk
description: Given a market segment, identify high-risk churn subscribers and initiate retention workflows.
inputParameters:
- name: market_segment
in: body
type: string
description: Market segment to analyze.
steps:
- name: get-usage-patterns
type: call
call: snowflake.query-churn-risk
with:
market_segment: '{{market_segment}}'
- name: create-campaign
type: call
call: salesforce.create-campaign
with:
name: 'Retention: {{market_segment}} — {{get-usage-patterns.high_risk_count}} accounts'
type: Retention
- name: notify-retention
type: call
call: teams.post-message
with:
channel_id: customer-retention
text: 'Churn risk: {{get-usage-patterns.high_risk_count}} accounts in {{market_segment}}. Campaign: {{create-campaign.id}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: query-churn-risk
method: POST
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: campaigns
path: /sobjects/Campaign
operations:
- name: create-campaign
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Monitors enterprise internet SLA compliance via Datadog, stores metrics in Snowflake, and emails weekly SLA reports to account managers via Microsoft Outlook.
naftiko: '0.5'
info:
label: Enterprise Internet SLA Monitor
description: Monitors enterprise internet SLA compliance via Datadog, stores metrics in Snowflake, and emails weekly SLA reports to account managers via Microsoft Outlook.
tags:
- sla
- enterprise
- datadog
- snowflake
- microsoft-outlook
capability:
exposes:
- type: mcp
namespace: enterprise-sla
port: 8080
tools:
- name: generate-sla-report
description: Given an enterprise account ID, generate the SLA compliance report.
inputParameters:
- name: account_id
in: body
type: string
description: Enterprise account ID.
steps:
- name: get-sla-metrics
type: call
call: datadog.get-sla
with:
account_id: '{{account_id}}'
- name: store-metrics
type: call
call: snowflake.insert-sla
with:
account_id: '{{account_id}}'
uptime: '{{get-sla-metrics.uptime_pct}}'
- name: email-report
type: call
call: outlook.send-email
with:
to: '{{get-sla-metrics.am_email}}'
subject: 'SLA Report: {{account_id}}'
body: 'Uptime: {{get-sla-metrics.uptime_pct}}%. Latency: {{get-sla-metrics.latency_ms}}ms.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: sla
path: /slo
operations:
- name: get-sla
method: GET
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-sla
method: POST
- type: http
namespace: outlook
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: mail
path: /me/sendMail
operations:
- name: send-email
method: POST
Retrieves the CDN cache hit ratio and bandwidth metrics from Datadog for Comcast content delivery infrastructure.
naftiko: '0.5'
info:
label: Datadog CDN Cache Hit Ratio
description: Retrieves the CDN cache hit ratio and bandwidth metrics from Datadog for Comcast content delivery infrastructure.
tags:
- cdn
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: cdn-metrics
port: 8080
tools:
- name: get-cache-metrics
description: Given a CDN region, return the cache hit ratio and bandwidth utilization.
inputParameters:
- name: cdn_region
in: body
type: string
description: CDN region (e.g., us-east, us-west).
call: datadog.query-cdn-metrics
with:
cdn_region: '{{cdn_region}}'
outputParameters:
- name: hit_ratio
type: number
mapping: $.series[0].hit_ratio
- name: bandwidth_gbps
type: number
mapping: $.series[0].bandwidth
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: metrics
path: /query
inputParameters:
- name: cdn_region
in: query
operations:
- name: query-cdn-metrics
method: GET
Pulls completed sprint data from Jira for an engineering team, calculates velocity, and posts the sprint summary to the team's Microsoft Teams channel.
naftiko: '0.5'
info:
label: Jira Sprint Velocity Report
description: Pulls completed sprint data from Jira for an engineering team, calculates velocity, and posts the sprint summary to the team's Microsoft Teams channel.
tags:
- devops
- engineering
- jira
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: engineering-reporting
port: 8080
tools:
- name: publish-sprint-velocity
description: Given a Jira board ID and sprint ID, retrieve completed issues and story points, then post a velocity summary to the engineering Teams channel.
inputParameters:
- name: board_id
in: body
type: string
description: The Jira software board ID.
- name: sprint_id
in: body
type: string
description: The Jira sprint ID to report on.
steps:
- name: get-sprint-issues
type: call
call: jira.get-sprint-issues
with:
boardId: '{{board_id}}'
sprintId: '{{sprint_id}}'
- name: post-velocity
type: call
call: msteams.post-channel-message
with:
channelId: engineering-team
message: 'Sprint {{sprint_id}} complete: {{get-sprint-issues.completedIssues}} issues, {{get-sprint-issues.completedPoints}} story points delivered.'
consumes:
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: sprint-issues
path: /board/{{boardId}}/sprint/{{sprintId}}/issue
inputParameters:
- name: boardId
in: path
- name: sprintId
in: path
operations:
- name: get-sprint-issues
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Retrieves LinkedIn employer brand metrics, stores trends in Snowflake, and posts the weekly summary to the HR marketing Teams channel.
naftiko: '0.5'
info:
label: LinkedIn Talent Brand Monitor
description: Retrieves LinkedIn employer brand metrics, stores trends in Snowflake, and posts the weekly summary to the HR marketing Teams channel.
tags:
- hr
- employer-brand
- linkedin
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: talent-brand
port: 8080
tools:
- name: monitor-talent-brand
description: Given a reporting period, generate the LinkedIn employer brand report.
inputParameters:
- name: period
in: body
type: string
description: Reporting period (e.g., 2026-W13).
steps:
- name: get-brand-metrics
type: call
call: linkedin.get-brand-stats
with:
period: '{{period}}'
- name: store-metrics
type: call
call: snowflake.insert-brand-metrics
with:
period: '{{period}}'
followers: '{{get-brand-metrics.followers}}'
engagement_rate: '{{get-brand-metrics.engagement_rate}}'
- name: notify-hr
type: call
call: teams.post-message
with:
channel_id: hr-marketing
text: 'LinkedIn brand: {{period}}. Followers: {{get-brand-metrics.followers}}. Engagement: {{get-brand-metrics.engagement_rate}}%'
consumes:
- type: http
namespace: linkedin
baseUri: https://api.linkedin.com/v2
authentication:
type: bearer
token: $secrets.linkedin_token
resources:
- name: brand
path: /organizationalEntityFollowerStatistics
operations:
- name: get-brand-stats
method: GET
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-brand-metrics
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog detects an error spike in AWS Lambda functions, retrieves function metrics, creates a Jira ticket, and pages the on-call engineer via PagerDuty.
naftiko: '0.5'
info:
label: AWS Lambda Error Spike Responder
description: When Datadog detects an error spike in AWS Lambda functions, retrieves function metrics, creates a Jira ticket, and pages the on-call engineer via PagerDuty.
tags:
- cloud
- serverless
- datadog
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: lambda-errors
port: 8080
tools:
- name: handle-lambda-errors
description: Given a Datadog alert for Lambda errors, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: function_name
in: body
type: string
description: Lambda function name.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: CLOUD
summary: 'Lambda error spike: {{function_name}}'
description: '{{get-alert.message}}'
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: cloud-engineering
title: 'Lambda errors: {{function_name}} — {{create-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
Retrieves the status and review state of a GitHub pull request in Comcast engineering repositories.
naftiko: '0.5'
info:
label: GitHub Pull Request Status Check
description: Retrieves the status and review state of a GitHub pull request in Comcast engineering repositories.
tags:
- development
- github
capability:
exposes:
- type: mcp
namespace: pr-status
port: 8080
tools:
- name: get-pr-status
description: Given a repository name and PR number, return the PR title, status, and mergeable state.
inputParameters:
- name: repo_name
in: body
type: string
description: GitHub repository name.
- name: pr_number
in: body
type: string
description: PR number.
call: github.get-pr
with:
repo_name: '{{repo_name}}'
pr_number: '{{pr_number}}'
outputParameters:
- name: title
type: string
mapping: $.title
- name: state
type: string
mapping: $.state
- name: mergeable
type: string
mapping: $.mergeable
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: pulls
path: /repos/comcast/{{repo_name}}/pulls/{{pr_number}}
inputParameters:
- name: repo_name
in: path
- name: pr_number
in: path
operations:
- name: get-pr
method: GET
When a cable node reaches capacity threshold, retrieves utilization data from Snowflake, creates a Jira planning epic, and notifies the network planning team via Microsoft Teams.
naftiko: '0.5'
info:
label: Cable Node Split Planning Workflow
description: When a cable node reaches capacity threshold, retrieves utilization data from Snowflake, creates a Jira planning epic, and notifies the network planning team via Microsoft Teams.
tags:
- network
- cable
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: node-planning
port: 8080
tools:
- name: plan-node-split
description: Given a cable node ID and utilization percentage, initiate the node split planning workflow.
inputParameters:
- name: node_id
in: body
type: string
description: Cable node identifier.
- name: utilization_pct
in: body
type: number
description: Current utilization percentage.
steps:
- name: get-node-data
type: call
call: snowflake.query-node-usage
with:
node_id: '{{node_id}}'
- name: create-epic
type: call
call: jira.create-issue
with:
project: NETPLAN
summary: 'Node split: {{node_id}} at {{utilization_pct}}%'
issue_type: Epic
description: 'Subscriber count: {{get-node-data.subscriber_count}}. Peak usage: {{get-node-data.peak_gbps}} Gbps'
- name: notify-planning
type: call
call: teams.post-message
with:
channel_id: network-planning
text: 'Node split needed: {{node_id}} ({{utilization_pct}}%). {{get-node-data.subscriber_count}} subscribers. Jira: {{create-epic.key}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: query-node-usage
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Searches Splunk for network events matching a given CMTS node ID to aid in troubleshooting cable network issues.
naftiko: '0.5'
info:
label: Splunk Network Event Search
description: Searches Splunk for network events matching a given CMTS node ID to aid in troubleshooting cable network issues.
tags:
- network
- splunk
capability:
exposes:
- type: mcp
namespace: network-events
port: 8080
tools:
- name: search-network-events
description: Given a CMTS node ID, search Splunk for recent events and return the count and most common event type.
inputParameters:
- name: cmts_node_id
in: body
type: string
description: CMTS node identifier.
call: splunk.search
with:
cmts_node_id: '{{cmts_node_id}}'
outputParameters:
- name: event_count
type: number
mapping: $.results.event_count
- name: top_event_type
type: string
mapping: $.results.top_type
consumes:
- type: http
namespace: splunk
baseUri: https://splunk.comcast.com:8089
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: search
path: /services/search/jobs/export
inputParameters:
- name: cmts_node_id
in: query
operations:
- name: search
method: GET
Triggers a Terraform Cloud workspace run to provision or update cloud infrastructure, and creates a ServiceNow change record documenting the deployment.
naftiko: '0.5'
info:
label: Terraform Cloud Infrastructure Provisioning
description: Triggers a Terraform Cloud workspace run to provision or update cloud infrastructure, and creates a ServiceNow change record documenting the deployment.
tags:
- cloud
- infrastructure
- terraform
- servicenow
- change-management
capability:
exposes:
- type: mcp
namespace: infra-provisioning
port: 8080
tools:
- name: trigger-terraform-run
description: Given a Terraform Cloud workspace ID and change description, trigger a plan and apply run and create a ServiceNow change record.
inputParameters:
- name: workspace_id
in: body
type: string
description: The Terraform Cloud workspace ID.
- name: change_description
in: body
type: string
description: Description of the infrastructure change being applied.
steps:
- name: create-run
type: call
call: terraform.create-run
with:
workspaceId: '{{workspace_id}}'
message: '{{change_description}}'
- name: create-change-record
type: call
call: servicenow.create-change
with:
short_description: 'Terraform infra change: {{change_description}}'
description: 'Workspace: {{workspace_id}}
Run ID: {{create-run.runId}}'
category: Infrastructure
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: runs
path: /runs
operations:
- name: create-run
method: POST
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change
method: POST
Queries Snowflake for content viewership metrics including total views, average watch time, and completion rate.
naftiko: '0.5'
info:
label: Snowflake Content Viewership Query
description: Queries Snowflake for content viewership metrics including total views, average watch time, and completion rate.
tags:
- analytics
- content
- snowflake
capability:
exposes:
- type: mcp
namespace: content-analytics
port: 8080
tools:
- name: query-viewership
description: Given a content ID and date range, return viewership analytics from Snowflake.
inputParameters:
- name: content_id
in: body
type: string
description: Content identifier.
- name: date_range
in: body
type: string
description: Date range (e.g., 2026-03-01:2026-03-27).
call: snowflake.run-query
with:
content_id: '{{content_id}}'
date_range: '{{date_range}}'
outputParameters:
- name: total_views
type: number
mapping: $.data[0].total_views
- name: avg_watch_min
type: number
mapping: $.data[0].avg_watch_minutes
- name: completion_rate
type: number
mapping: $.data[0].completion_rate
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: run-query
method: POST
Audits compensation changes in Workday, logs them in Snowflake for compliance, and notifies the HR compliance team via Microsoft Teams.
naftiko: '0.5'
info:
label: Workday Compensation Change Audit
description: Audits compensation changes in Workday, logs them in Snowflake for compliance, and notifies the HR compliance team via Microsoft Teams.
tags:
- hr
- compensation
- compliance
- workday
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: comp-audit
port: 8080
tools:
- name: audit-comp-change
description: Given an employee ID with a recent compensation change, audit and log.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday employee ID.
steps:
- name: get-comp-history
type: call
call: workday.get-compensation
with:
employee_id: '{{employee_id}}'
- name: log-audit
type: call
call: snowflake.insert-audit
with:
employee_id: '{{employee_id}}'
old_salary: '{{get-comp-history.previous_salary}}'
new_salary: '{{get-comp-history.current_salary}}'
- name: notify-compliance
type: call
call: teams.post-message
with:
channel_id: hr-compliance
text: 'Comp change: {{employee_id}}. Previous: ${{get-comp-history.previous_salary}} → ${{get-comp-history.current_salary}}'
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/comcast
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: compensation
path: /workers/{{employee_id}}/compensation
operations:
- name: get-compensation
method: GET
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-audit
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Pulls diversity and inclusion metrics from Workday, stores trend data in Snowflake, and posts the quarterly report to the HR leadership Teams channel.
naftiko: '0.5'
info:
label: Workday Diversity Metrics Reporter
description: Pulls diversity and inclusion metrics from Workday, stores trend data in Snowflake, and posts the quarterly report to the HR leadership Teams channel.
tags:
- hr
- diversity
- workday
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: diversity-metrics
port: 8080
tools:
- name: generate-diversity-report
description: Given a fiscal quarter, generate the diversity metrics report.
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: Fiscal quarter (e.g., FY26-Q1).
steps:
- name: get-metrics
type: call
call: workday.get-diversity-stats
with:
quarter: '{{fiscal_quarter}}'
- name: store-trends
type: call
call: snowflake.insert-diversity
with:
quarter: '{{fiscal_quarter}}'
headcount: '{{get-metrics.total_headcount}}'
- name: notify-leadership
type: call
call: teams.post-message
with:
channel_id: hr-leadership
text: 'Diversity report: {{fiscal_quarter}}. Headcount: {{get-metrics.total_headcount}}. Representation: {{get-metrics.representation_pct}}%'
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/comcast
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: diversity
path: /reports/diversity
operations:
- name: get-diversity-stats
method: GET
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: insert-diversity
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog detects VoIP quality degradation for Comcast Business customers, retrieves metrics, creates a ServiceNow incident, and pages the voice team via PagerDuty.
naftiko: '0.5'
info:
label: Business VoIP Quality Alert Handler
description: When Datadog detects VoIP quality degradation for Comcast Business customers, retrieves metrics, creates a ServiceNow incident, and pages the voice team via PagerDuty.
tags:
- voice
- business
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: voip-quality
port: 8080
tools:
- name: handle-voip-alert
description: Given a Datadog alert for VoIP quality issues, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: business_account
in: body
type: string
description: Business customer account ID.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'VoIP quality: business account {{business_account}}'
urgency: '2'
description: '{{get-alert.message}}'
- name: page-voice
type: call
call: pagerduty.create-incident
with:
service_id: voice-engineering
title: 'VoIP quality: {{business_account}} — {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
When Okta detects a suspicious login, retrieves user details, creates a ServiceNow security incident, and alerts the security team via Microsoft Teams.
naftiko: '0.5'
info:
label: Okta Suspicious Login Response
description: When Okta detects a suspicious login, retrieves user details, creates a ServiceNow security incident, and alerts the security team via Microsoft Teams.
tags:
- security
- identity
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: suspicious-login
port: 8080
tools:
- name: handle-suspicious-login
description: Given an Okta event ID for a suspicious login, investigate and escalate.
inputParameters:
- name: event_id
in: body
type: string
description: Okta system log event ID.
- name: user_email
in: body
type: string
description: Affected user email.
steps:
- name: get-user
type: call
call: okta.get-user
with:
user_email: '{{user_email}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Suspicious login: {{user_email}}'
urgency: '2'
category: security
description: 'User: {{get-user.name}}. Department: {{get-user.department}}. Event: {{event_id}}'
- name: alert-security
type: call
call: teams.post-message
with:
channel_id: security-alerts
text: 'Suspicious login: {{user_email}} ({{get-user.department}}). ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users/{{user_email}}
operations:
- name: get-user
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a GitHub release is published, annotates the Datadog deployment dashboard, creates a Jira release ticket, and notifies the engineering team via Microsoft Teams.
naftiko: '0.5'
info:
label: GitHub Release Deployment Tracker
description: When a GitHub release is published, annotates the Datadog deployment dashboard, creates a Jira release ticket, and notifies the engineering team via Microsoft Teams.
tags:
- deployment
- github
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: release-tracking
port: 8080
tools:
- name: track-release
description: Given a GitHub repository and release tag, track the deployment.
inputParameters:
- name: repo_name
in: body
type: string
description: GitHub repository name.
- name: release_tag
in: body
type: string
description: Release tag (e.g., v2.3.1).
steps:
- name: get-release
type: call
call: github.get-release
with:
repo_name: '{{repo_name}}'
tag: '{{release_tag}}'
- name: annotate-datadog
type: call
call: datadog.create-event
with:
title: 'Deploy: {{repo_name}} {{release_tag}}'
text: '{{get-release.body}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: REL
summary: 'Release: {{repo_name}} {{release_tag}}'
description: '{{get-release.body}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: releases
text: 'Released: {{repo_name}} {{release_tag}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: releases
path: /repos/comcast/{{repo_name}}/releases/tags/{{tag}}
operations:
- name: get-release
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Retrieves Comcast Business opportunity pipeline from Salesforce, calculates weighted forecast, and posts the weekly summary to the sales leadership Teams channel.
naftiko: '0.5'
info:
label: Salesforce Business Opportunity Pipeline
description: Retrieves Comcast Business opportunity pipeline from Salesforce, calculates weighted forecast, and posts the weekly summary to the sales leadership Teams channel.
tags:
- sales
- crm
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: sales-pipeline
port: 8080
tools:
- name: generate-pipeline-report
description: Given a sales region, generate the opportunity pipeline report.
inputParameters:
- name: region
in: body
type: string
description: Sales region.
steps:
- name: get-pipeline
type: call
call: salesforce.query-opportunities
with:
region: '{{region}}'
- name: notify-leadership
type: call
call: teams.post-message
with:
channel_id: sales-leadership
text: 'Pipeline: {{region}}. Total: ${{get-pipeline.total_value}}. Weighted: ${{get-pipeline.weighted_value}}. Deals: {{get-pipeline.deal_count}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /query
operations:
- name: query-opportunities
method: GET
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog detects Kubernetes cluster health degradation, retrieves node metrics, creates a Jira ticket, and pages the platform team via PagerDuty.
naftiko: '0.5'
info:
label: Datadog Kubernetes Cluster Health Responder
description: When Datadog detects Kubernetes cluster health degradation, retrieves node metrics, creates a Jira ticket, and pages the platform team via PagerDuty.
tags:
- cloud
- kubernetes
- datadog
- jira
- pagerduty
capability:
exposes:
- type: mcp
namespace: k8s-health
port: 8080
tools:
- name: handle-cluster-alert
description: Given a Datadog alert for K8s cluster issues, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: cluster_name
in: body
type: string
description: Kubernetes cluster name.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: PLATFORM
summary: 'K8s cluster: {{cluster_name}}'
description: '{{get-alert.message}}'
- name: page-platform
type: call
call: pagerduty.create-incident
with:
service_id: platform-engineering
title: 'K8s: {{cluster_name}} — {{create-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
When a Workday termination is processed, deactivates the employee's Okta account, disables Microsoft 365, and resolves open ServiceNow tickets.
naftiko: '0.5'
info:
label: Employee Offboarding Access Revocation
description: When a Workday termination is processed, deactivates the employee's Okta account, disables Microsoft 365, and resolves open ServiceNow tickets.
tags:
- hr
- offboarding
- workday
- okta
- servicenow
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-offboarding
description: Given a Workday employee ID and termination date, deactivate Okta, disable Microsoft Graph account, and resolve open ServiceNow tickets.
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday worker ID for the departing employee.
- name: termination_date
in: body
type: string
description: Termination date in YYYY-MM-DD format.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
worker_id: '{{employee_id}}'
- name: deactivate-okta
type: call
call: okta.deactivate-user
with:
login: '{{get-worker.work_email}}'
- name: disable-m365
type: call
call: msgraph.update-user
with:
userPrincipalName: '{{get-worker.work_email}}'
accountEnabled: 'false'
- name: close-tickets
type: call
call: servicenow.close-user-tickets
with:
caller_id: '{{get-worker.work_email}}'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /comcast/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users/{{login}}/lifecycle/deactivate
inputParameters:
- name: login
in: path
operations:
- name: deactivate-user
method: POST
- type: http
namespace: msgraph
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: users
path: /users/{{userPrincipalName}}
inputParameters:
- name: userPrincipalName
in: path
operations:
- name: update-user
method: PATCH
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: close-user-tickets
method: PATCH
When a Salesforce NPS survey returns a detractor score, retrieves subscriber details, creates a Jira follow-up task, and notifies the customer experience team via Microsoft Teams.
naftiko: '0.5'
info:
label: Salesforce NPS Detractor Response
description: When a Salesforce NPS survey returns a detractor score, retrieves subscriber details, creates a Jira follow-up task, and notifies the customer experience team via Microsoft Teams.
tags:
- customer-experience
- nps
- salesforce
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: nps-response
port: 8080
tools:
- name: handle-detractor
description: Given a Salesforce NPS survey ID with detractor score, initiate follow-up.
inputParameters:
- name: survey_id
in: body
type: string
description: Salesforce survey response ID.
- name: account_id
in: body
type: string
description: Subscriber account ID.
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
account_id: '{{account_id}}'
- name: create-followup
type: call
call: jira.create-issue
with:
project: CX
summary: 'NPS detractor: {{get-account.Name}}'
description: 'Survey: {{survey_id}}. Service tier: {{get-account.ServiceTier__c}}'
- name: notify-cx
type: call
call: teams.post-message
with:
channel_id: customer-experience
text: 'NPS detractor: {{get-account.Name}} ({{account_id}}). Jira: {{create-followup.key}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /query
operations:
- name: get-account
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Validates ServiceNow CMDB configuration item relationships, identifies orphaned CIs, creates Jira cleanup tasks, and notifies the CMDB team via Microsoft Teams.
naftiko: '0.5'
info:
label: ServiceNow CMDB CI Relationship Validator
description: Validates ServiceNow CMDB configuration item relationships, identifies orphaned CIs, creates Jira cleanup tasks, and notifies the CMDB team via Microsoft Teams.
tags:
- itsm
- cmdb
- servicenow
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cmdb-validation
port: 8080
tools:
- name: validate-ci-relationships
description: Given a CI class, validate relationships and identify orphans.
inputParameters:
- name: ci_class
in: body
type: string
description: ServiceNow CI class name.
steps:
- name: get-orphans
type: call
call: servicenow.query-orphan-cis
with:
ci_class: '{{ci_class}}'
- name: create-cleanup
type: call
call: jira.create-issue
with:
project: CMDB
summary: 'Orphan CIs: {{ci_class}} — {{get-orphans.count}} found'
description: 'Class: {{ci_class}}. Orphan count: {{get-orphans.count}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: cmdb-team
text: 'CMDB validation: {{ci_class}}. {{get-orphans.count}} orphan CIs. Jira: {{create-cleanup.key}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: cmdb
path: /table/{{ci_class}}
operations:
- name: query-orphan-cis
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a new lead is created in Salesforce, enriches the record with ZoomInfo firmographic data and updates the account owner based on territory rules.
naftiko: '0.5'
info:
label: Salesforce Lead Enrichment
description: When a new lead is created in Salesforce, enriches the record with ZoomInfo firmographic data and updates the account owner based on territory rules.
tags:
- crm
- sales
- salesforce
- zoominfo
- lead-management
capability:
exposes:
- type: mcp
namespace: crm-leads
port: 8080
tools:
- name: enrich-lead
description: Given a Salesforce lead ID, fetch firmographic data from ZoomInfo and update the lead record with enriched company details and revenue information.
inputParameters:
- name: lead_id
in: body
type: string
description: The Salesforce lead record ID.
steps:
- name: get-lead
type: call
call: salesforce.get-lead
with:
lead_id: '{{lead_id}}'
- name: enrich-company
type: call
call: zoominfo.search-company
with:
companyName: '{{get-lead.Company}}'
- name: update-lead
type: call
call: salesforce-update.update-lead
with:
lead_id: '{{lead_id}}'
AnnualRevenue: '{{enrich-company.revenue}}'
NumberOfEmployees: '{{enrich-company.employeeCount}}'
Industry: '{{enrich-company.industry}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead/{{lead_id}}
inputParameters:
- name: lead_id
in: path
operations:
- name: get-lead
method: GET
- type: http
namespace: zoominfo
baseUri: https://api.zoominfo.com/search
authentication:
type: bearer
token: $secrets.zoominfo_token
resources:
- name: companies
path: /company
operations:
- name: search-company
method: POST
- type: http
namespace: salesforce-update
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead/{{lead_id}}
inputParameters:
- name: lead_id
in: path
operations:
- name: update-lead
method: PATCH
When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Okta access, and sends a Microsoft Teams welcome message.
naftiko: '0.5'
info:
label: New Employee Onboarding Orchestrator
description: When a new hire is created in Workday, opens a ServiceNow onboarding ticket, provisions Okta access, and sends a Microsoft Teams welcome message.
tags:
- hr
- onboarding
- workday
- servicenow
- okta
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-onboarding
port: 8080
tools:
- name: trigger-onboarding
description: 'Given a Workday employee ID and start date, orchestrate the full onboarding sequence: open a ServiceNow ticket, provision Okta, and send a Teams welcome.'
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday worker ID for the new hire.
- name: start_date
in: body
type: string
description: Employee start date in YYYY-MM-DD format.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
worker_id: '{{employee_id}}'
- name: create-snow-ticket
type: call
call: servicenow.create-incident
with:
short_description: 'New hire onboarding: {{get-worker.full_name}}'
category: hr_onboarding
- name: activate-okta
type: call
call: okta.create-user
with:
login: '{{get-worker.work_email}}'
firstName: '{{get-worker.first_name}}'
lastName: '{{get-worker.last_name}}'
- name: send-welcome
type: call
call: msteams.post-message
with:
recipient: '{{get-worker.work_email}}'
message: 'Welcome to Comcast, {{get-worker.first_name}}! Your onboarding ticket: {{create-snow-ticket.number}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /comcast/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users
operations:
- name: create-user
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /chats/messages
operations:
- name: post-message
method: POST
Audits Terraform-managed security groups for overly permissive rules, creates Jira compliance tickets, and notifies the cloud security team via Microsoft Teams.
naftiko: '0.5'
info:
label: Terraform Security Group Audit
description: Audits Terraform-managed security groups for overly permissive rules, creates Jira compliance tickets, and notifies the cloud security team via Microsoft Teams.
tags:
- security
- cloud
- terraform
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: sg-audit
port: 8080
tools:
- name: audit-security-groups
description: Given a Terraform workspace, audit security group rules for compliance.
inputParameters:
- name: workspace_name
in: body
type: string
description: Terraform workspace name.
steps:
- name: get-state
type: call
call: terraform.get-state
with:
workspace_name: '{{workspace_name}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: CLOUDSEC
summary: 'SG audit: {{workspace_name}}'
description: 'Open rules found: {{get-state.open_rule_count}}'
- name: notify-security
type: call
call: teams.post-message
with:
channel_id: cloud-security
text: 'SG audit: {{workspace_name}}. Open rules: {{get-state.open_rule_count}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_token
resources:
- name: state
path: /workspaces/{{workspace_name}}/current-state-version
operations:
- name: get-state
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Monitors the Peacock content recommendation ML pipeline via Datadog, creates a Jira ticket when accuracy drops, and notifies the ML team via Microsoft Teams.
naftiko: '0.5'
info:
label: Peacock Content Recommendation Pipeline Monitor
description: Monitors the Peacock content recommendation ML pipeline via Datadog, creates a Jira ticket when accuracy drops, and notifies the ML team via Microsoft Teams.
tags:
- streaming
- ml-ops
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ml-pipeline
port: 8080
tools:
- name: handle-recommendation-alert
description: Given a Datadog alert for recommendation pipeline degradation, investigate and escalate.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: pipeline_name
in: body
type: string
description: ML pipeline name.
steps:
- name: get-metrics
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: MLOPS
summary: 'Recommendation accuracy drop: {{pipeline_name}}'
description: '{{get-metrics.message}}'
- name: notify-ml-team
type: call
call: teams.post-message
with:
channel_id: ml-engineering
text: 'Recommendation pipeline alert: {{pipeline_name}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a high-volume alert fires in Splunk, sends the log context to Anthropic Claude for root cause analysis and posts the AI-generated triage summary to the engineering Teams channel.
naftiko: '0.5'
info:
label: Intelligent Incident Triage with Claude
description: When a high-volume alert fires in Splunk, sends the log context to Anthropic Claude for root cause analysis and posts the AI-generated triage summary to the engineering Teams channel.
tags:
- ai
- automation
- anthropic
- splunk
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: ai-triage
port: 8080
tools:
- name: triage-incident-with-ai
description: Given a Splunk alert message and affected service, send log context to Claude for root cause analysis and post the triage summary to the engineering Teams channel.
inputParameters:
- name: alert_message
in: body
type: string
description: The full Splunk alert message text including log snippets.
- name: service_name
in: body
type: string
description: The service or application that generated the alert.
- name: teams_channel_id
in: body
type: string
description: The Teams channel ID to post the triage summary to.
steps:
- name: analyze-logs
type: call
call: anthropic.create-message
with:
model: claude-3-5-sonnet-20241022
content: 'Analyze this Splunk alert for {{service_name}} and provide a concise root cause analysis with recommended remediation steps:
{{alert_message}}'
- name: post-triage
type: call
call: msteams.post-channel-message
with:
channelId: '{{teams_channel_id}}'
message: 'AI Triage for {{service_name}}:
{{analyze-logs.content}}'
consumes:
- type: http
namespace: anthropic
baseUri: https://api.anthropic.com/v1
authentication:
type: apikey
key: x-api-key
value: $secrets.anthropic_api_key
placement: header
resources:
- name: messages
path: /messages
operations:
- name: create-message
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Creates a ServiceNow standard change request for a planned network maintenance window, associates affected CIs, and notifies the NOC team in Teams.
naftiko: '0.5'
info:
label: ServiceNow Change Request for Network Maintenance
description: Creates a ServiceNow standard change request for a planned network maintenance window, associates affected CIs, and notifies the NOC team in Teams.
tags:
- itsm
- change-management
- servicenow
- microsoft-teams
- network
capability:
exposes:
- type: mcp
namespace: change-management
port: 8080
tools:
- name: open-network-change
description: Given a maintenance description, affected network CIs, and planned time window, create a ServiceNow change request and notify the NOC team in Teams.
inputParameters:
- name: change_description
in: body
type: string
description: Description of the planned network maintenance activity.
- name: affected_ci
in: body
type: string
description: Comma-separated list of affected network configuration items.
- name: planned_start
in: body
type: string
description: Planned maintenance start in ISO 8601 format.
- name: planned_end
in: body
type: string
description: Planned maintenance end in ISO 8601 format.
steps:
- name: create-change
type: call
call: servicenow.create-change
with:
short_description: '{{change_description}}'
type: standard
start_date: '{{planned_start}}'
end_date: '{{planned_end}}'
cmdb_ci: '{{affected_ci}}'
- name: notify-noc
type: call
call: msteams.post-channel-message
with:
channelId: noc-team
message: 'Network change {{create-change.number}} scheduled: {{change_description}} | Window: {{planned_start}} to {{planned_end}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
Checks the current latency and error rate for Peacock and Xfinity streaming services in Datadog.
naftiko: '0.5'
info:
label: Datadog Streaming Service Latency Check
description: Checks the current latency and error rate for Peacock and Xfinity streaming services in Datadog.
tags:
- streaming
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: streaming-health
port: 8080
tools:
- name: get-streaming-latency
description: Given a streaming service name, return p50 and p99 latency and error rate.
inputParameters:
- name: service_name
in: body
type: string
description: Streaming service name (e.g., peacock-api, xfinity-stream).
call: datadog.get-service-stats
with:
service_name: '{{service_name}}'
outputParameters:
- name: p50_latency_ms
type: number
mapping: $.series[0].p50
- name: p99_latency_ms
type: number
mapping: $.series[0].p99
- name: error_rate
type: number
mapping: $.series[0].error_rate
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: metrics
path: /query
inputParameters:
- name: service_name
in: query
operations:
- name: get-service-stats
method: GET
When a Snowflake data pipeline fails, retrieves error details, creates a Jira bug for the data engineering team, and posts the failure to the data-ops Teams channel.
naftiko: '0.5'
info:
label: Snowflake Data Pipeline Failure Handler
description: When a Snowflake data pipeline fails, retrieves error details, creates a Jira bug for the data engineering team, and posts the failure to the data-ops Teams channel.
tags:
- data-engineering
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-pipeline-ops
port: 8080
tools:
- name: handle-pipeline-failure
description: Given a Snowflake task name and error code, create a tracking ticket and notify.
inputParameters:
- name: task_name
in: body
type: string
description: Snowflake task name.
- name: error_code
in: body
type: string
description: Error code from the failed run.
steps:
- name: get-task-history
type: call
call: snowflake.get-task-history
with:
task_name: '{{task_name}}'
- name: create-bug
type: call
call: jira.create-issue
with:
project: DATA
summary: 'Pipeline failure: {{task_name}}'
issue_type: Bug
description: 'Error: {{error_code}}. Last success: {{get-task-history.last_success}}'
- name: notify-data-ops
type: call
call: teams.post-message
with:
channel_id: data-ops
text: 'Pipeline failed: {{task_name}} ({{error_code}}). Jira: {{create-bug.key}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: tasks
path: /statements
operations:
- name: get-task-history
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Checks the last refresh status and duration for a Power BI dataset used in Comcast operational dashboards.
naftiko: '0.5'
info:
label: Power BI Dataset Refresh Status
description: Checks the last refresh status and duration for a Power BI dataset used in Comcast operational dashboards.
tags:
- analytics
- dashboards
- power-bi
capability:
exposes:
- type: mcp
namespace: bi-refresh
port: 8080
tools:
- name: get-refresh-status
description: Given a Power BI dataset ID, return the last refresh status, time, and duration.
inputParameters:
- name: dataset_id
in: body
type: string
description: Power BI dataset ID.
call: powerbi.get-refresh-history
with:
dataset_id: '{{dataset_id}}'
outputParameters:
- name: status
type: string
mapping: $.value[0].status
- name: end_time
type: string
mapping: $.value[0].endTime
- name: duration_sec
type: number
mapping: $.value[0].durationSeconds
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: refreshes
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh-history
method: GET
When a Datadog SLO drops below its error budget threshold, creates a ServiceNow incident and notifies the responsible engineering team in Microsoft Teams.
naftiko: '0.5'
info:
label: Datadog SLO Breach Alert
description: When a Datadog SLO drops below its error budget threshold, creates a ServiceNow incident and notifies the responsible engineering team in Microsoft Teams.
tags:
- observability
- itsm
- datadog
- servicenow
- microsoft-teams
- slo
capability:
exposes:
- type: mcp
namespace: slo-ops
port: 8080
tools:
- name: handle-slo-breach
description: Given a Datadog SLO ID and service name, retrieve current SLO status, open a ServiceNow incident, and page the engineering team in Teams.
inputParameters:
- name: slo_id
in: body
type: string
description: The Datadog SLO ID that is breaching its error budget.
- name: service_name
in: body
type: string
description: The service name associated with the SLO.
steps:
- name: get-slo-status
type: call
call: datadog.get-slo
with:
slo_id: '{{slo_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'SLO breach: {{service_name}}'
description: 'SLO {{slo_id}} for {{service_name}} has breached error budget. Current: {{get-slo-status.sli_value}}%'
urgency: '2'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channelId: engineering-alerts
message: 'SLO breach: {{service_name}} | SLO: {{slo_id}} | Current SLI: {{get-slo-status.sli_value}}% | ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: slos
path: /slo/{{slo_id}}
inputParameters:
- name: slo_id
in: path
operations:
- name: get-slo
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/channels/{{channelId}}/messages
inputParameters:
- name: channelId
in: path
operations:
- name: post-channel-message
method: POST
When Splunk detects potential account fraud, retrieves subscriber details from Salesforce, creates a ServiceNow security incident, and notifies the fraud team via Microsoft Teams.
naftiko: '0.5'
info:
label: Splunk Fraud Detection Alert Handler
description: When Splunk detects potential account fraud, retrieves subscriber details from Salesforce, creates a ServiceNow security incident, and notifies the fraud team via Microsoft Teams.
tags:
- security
- fraud
- splunk
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: fraud-detection
port: 8080
tools:
- name: handle-fraud-alert
description: Given a Splunk alert for potential fraud, investigate and escalate.
inputParameters:
- name: search_id
in: body
type: string
description: Splunk search job ID.
- name: account_id
in: body
type: string
description: Affected subscriber account ID.
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
account_id: '{{account_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Potential fraud: {{account_id}} — {{get-account.Name}}'
urgency: '1'
category: security
- name: notify-fraud-team
type: call
call: teams.post-message
with:
channel_id: fraud-investigations
text: 'Fraud alert: {{get-account.Name}} ({{account_id}}). Splunk: {{search_id}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://comcast.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /query
operations:
- name: get-account
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
After a PagerDuty incident resolves, retrieves the timeline, creates a Confluence postmortem page, and shares the link via Microsoft Teams.
naftiko: '0.5'
info:
label: PagerDuty Postmortem Generator
description: After a PagerDuty incident resolves, retrieves the timeline, creates a Confluence postmortem page, and shares the link via Microsoft Teams.
tags:
- sre
- postmortem
- pagerduty
- confluence
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: postmortem
port: 8080
tools:
- name: generate-postmortem
description: Given a PagerDuty incident ID, create a postmortem document.
inputParameters:
- name: incident_id
in: body
type: string
description: PagerDuty incident ID.
steps:
- name: get-incident
type: call
call: pagerduty.get-incident
with:
incident_id: '{{incident_id}}'
- name: create-page
type: call
call: confluence.create-page
with:
space_key: SRE
title: 'Postmortem: {{get-incident.title}}'
content: 'Duration: {{get-incident.duration}}. Service: {{get-incident.service_name}}'
- name: notify-sre
type: call
call: teams.post-message
with:
channel_id: sre-team
text: 'Postmortem: {{get-incident.title}}. Confluence: {{create-page.url}}'
consumes:
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents/{{incident_id}}
operations:
- name: get-incident
method: GET
- type: http
namespace: confluence
baseUri: https://comcast.atlassian.net/wiki/api/v2
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /pages
operations:
- name: create-page
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When Datadog detects a WiFi hotspot cluster outage, retrieves affected area data, creates a ServiceNow incident, and notifies field operations via Microsoft Teams.
naftiko: '0.5'
info:
label: Xfinity WiFi Hotspot Outage Handler
description: When Datadog detects a WiFi hotspot cluster outage, retrieves affected area data, creates a ServiceNow incident, and notifies field operations via Microsoft Teams.
tags:
- network
- wifi
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: wifi-ops
port: 8080
tools:
- name: handle-hotspot-outage
description: Given a Datadog alert for WiFi hotspot outage, create incident and notify field ops.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: cluster_id
in: body
type: string
description: WiFi hotspot cluster ID.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Xfinity WiFi hotspot outage: cluster {{cluster_id}}'
urgency: '2'
description: '{{get-alert.message}}'
- name: notify-field-ops
type: call
call: teams.post-message
with:
channel_id: field-operations
text: 'WiFi hotspot outage: cluster {{cluster_id}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a streaming CDN failure is detected in Datadog, creates a ServiceNow P1 incident, alerts the streaming ops team via Microsoft Teams, and triggers CloudFront failover.
naftiko: '0.5'
info:
label: Streaming Content Delivery Failure Handler
description: When a streaming CDN failure is detected in Datadog, creates a ServiceNow P1 incident, alerts the streaming ops team via Microsoft Teams, and triggers CloudFront failover.
tags:
- streaming
- cdn
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: streaming-cdn-ops
port: 8080
tools:
- name: handle-cdn-failure
description: Given a Datadog alert ID for CDN failure, create incident and trigger failover.
inputParameters:
- name: alert_id
in: body
type: string
description: Datadog alert ID.
- name: cdn_region
in: body
type: string
description: Affected CDN region.
steps:
- name: get-alert
type: call
call: datadog.get-monitor
with:
alert_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'CDN failure: {{cdn_region}} streaming'
urgency: '1'
impact: '1'
description: '{{get-alert.message}}'
- name: notify-ops
type: call
call: teams.post-message
with:
channel_id: streaming-ops
text: 'CDN P1: {{cdn_region}}. ServiceNow: {{create-incident.number}}. Failover initiated.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: bearer
token: $secrets.datadog_api_key
resources:
- name: monitors
path: /monitor/{{alert_id}}
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Lists all applications assigned to an Okta user at Comcast, including app name, status, and last sign-on time.
naftiko: '0.5'
info:
label: Okta User Application List
description: Lists all applications assigned to an Okta user at Comcast, including app name, status, and last sign-on time.
tags:
- identity
- okta
capability:
exposes:
- type: mcp
namespace: user-apps
port: 8080
tools:
- name: list-user-apps
description: Given an Okta user email, return the list of assigned applications.
inputParameters:
- name: user_email
in: body
type: string
description: Okta user email address.
call: okta.list-apps
with:
user_email: '{{user_email}}'
outputParameters:
- name: app_count
type: number
mapping: $.length
- name: apps
type: string
mapping: $.apps
consumes:
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: appLinks
path: /users/{{user_email}}/appLinks
inputParameters:
- name: user_email
in: path
operations:
- name: list-apps
method: GET
Analyzes AWS cost data from Snowflake, identifies optimization opportunities, creates Jira tickets for the cloud team, and posts savings summary to Microsoft Teams.
naftiko: '0.5'
info:
label: AWS Cost Optimization Recommender
description: Analyzes AWS cost data from Snowflake, identifies optimization opportunities, creates Jira tickets for the cloud team, and posts savings summary to Microsoft Teams.
tags:
- cloud
- cost-optimization
- aws
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cost-optimization
port: 8080
tools:
- name: generate-cost-recommendations
description: Given an AWS account ID, analyze costs and generate optimization recommendations.
inputParameters:
- name: aws_account_id
in: body
type: string
description: AWS account ID.
steps:
- name: get-cost-data
type: call
call: snowflake.query-aws-costs
with:
aws_account_id: '{{aws_account_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: CLOUD
summary: 'Cost optimization: {{aws_account_id}} — ${{get-cost-data.savings_potential}}/mo'
description: 'Current spend: ${{get-cost-data.monthly_spend}}. Idle resources: {{get-cost-data.idle_count}}'
- name: notify-cloud-team
type: call
call: teams.post-message
with:
channel_id: cloud-finops
text: 'Cost optimization: {{aws_account_id}}. Potential savings: ${{get-cost-data.savings_potential}}/mo. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://comcast.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: query-aws-costs
method: POST
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Monitors SSL certificate expiry events in Splunk, creates ServiceNow change requests for renewal, and notifies the security team via Microsoft Teams.
naftiko: '0.5'
info:
label: Splunk SSL Certificate Expiry Monitor
description: Monitors SSL certificate expiry events in Splunk, creates ServiceNow change requests for renewal, and notifies the security team via Microsoft Teams.
tags:
- security
- certificates
- splunk
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cert-monitor
port: 8080
tools:
- name: handle-cert-expiry
description: Given a domain with an expiring certificate detected in Splunk, initiate renewal.
inputParameters:
- name: domain
in: body
type: string
description: Domain with expiring certificate.
- name: days_remaining
in: body
type: number
description: Days until expiry.
steps:
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: 'SSL renewal: {{domain}}'
category: security
priority: '2'
- name: notify-security
type: call
call: teams.post-message
with:
channel_id: security-ops
text: 'SSL expiring: {{domain}} in {{days_remaining}} days. Change: {{create-change.number}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: changes
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When a Databricks job fails, retrieves run details, creates a Jira ticket, and notifies the data engineering team via Microsoft Teams.
naftiko: '0.5'
info:
label: Azure Databricks Job Failure Handler
description: When a Databricks job fails, retrieves run details, creates a Jira ticket, and notifies the data engineering team via Microsoft Teams.
tags:
- data-engineering
- databricks
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: databricks-ops
port: 8080
tools:
- name: handle-job-failure
description: Given a Databricks run ID, investigate the failure and escalate.
inputParameters:
- name: run_id
in: body
type: string
description: Databricks run ID.
steps:
- name: get-run
type: call
call: databricks.get-run
with:
run_id: '{{run_id}}'
- name: create-ticket
type: call
call: jira.create-issue
with:
project: DATA
summary: 'Databricks failure: {{get-run.run_name}}'
description: 'Error: {{get-run.error_message}}. Cluster: {{get-run.cluster_id}}'
- name: notify-team
type: call
call: teams.post-message
with:
channel_id: data-engineering
text: 'Databricks failed: {{get-run.run_name}}. Jira: {{create-ticket.key}}'
consumes:
- type: http
namespace: databricks
baseUri: https://comcast.cloud.databricks.com/api/2.1
authentication:
type: bearer
token: $secrets.databricks_token
resources:
- name: runs
path: /jobs/runs/get
operations:
- name: get-run
method: GET
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Aggregates Jira epic progress across product teams, generates a quarterly roadmap digest, and posts to the product leadership Teams channel.
naftiko: '0.5'
info:
label: Jira Quarterly Roadmap Digest
description: Aggregates Jira epic progress across product teams, generates a quarterly roadmap digest, and posts to the product leadership Teams channel.
tags:
- product-management
- roadmap
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: roadmap-digest
port: 8080
tools:
- name: generate-roadmap-digest
description: Given a fiscal quarter, generate the roadmap progress digest.
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: Fiscal quarter (e.g., FY26-Q1).
steps:
- name: get-epics
type: call
call: jira.search-epics
with:
quarter: '{{fiscal_quarter}}'
- name: notify-leadership
type: call
call: teams.post-message
with:
channel_id: product-leadership
text: 'Roadmap digest: {{fiscal_quarter}}. Total epics: {{get-epics.total}}. On-track: {{get-epics.on_track}}. At-risk: {{get-epics.at_risk}}'
consumes:
- type: http
namespace: jira
baseUri: https://comcast.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: search
path: /search
operations:
- name: search-epics
method: GET
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Enriches Splunk security alerts with CrowdStrike threat intelligence, creates a ServiceNow security incident, and notifies the SOC via Microsoft Teams.
naftiko: '0.5'
info:
label: Splunk Security Incident Enrichment
description: Enriches Splunk security alerts with CrowdStrike threat intelligence, creates a ServiceNow security incident, and notifies the SOC via Microsoft Teams.
tags:
- security
- siem
- splunk
- crowdstrike
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: security-enrichment
port: 8080
tools:
- name: enrich-security-alert
description: Given a Splunk alert and indicator, enrich with threat intel and escalate.
inputParameters:
- name: search_id
in: body
type: string
description: Splunk search ID.
- name: indicator
in: body
type: string
description: Threat indicator.
steps:
- name: get-results
type: call
call: splunk.get-results
with:
search_id: '{{search_id}}'
- name: check-intel
type: call
call: crowdstrike.check-indicator
with:
indicator: '{{indicator}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Threat: {{indicator}} — {{check-intel.verdict}}'
urgency: '1'
- name: alert-soc
type: call
call: teams.post-message
with:
channel_id: soc-alerts
text: 'Threat: {{indicator}}. Verdict: {{check-intel.verdict}}. ServiceNow: {{create-incident.number}}'
consumes:
- type: http
namespace: splunk
baseUri: https://splunk.comcast.com:8089
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: search
path: /services/search/jobs/{{search_id}}/results
operations:
- name: get-results
method: GET
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: intel
path: /intel/combined/indicators/v1
operations:
- name: check-indicator
method: GET
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
When an org restructure is processed in Workday, updates Okta group memberships, adjusts ServiceNow assignments, and notifies affected managers via Microsoft Teams.
naftiko: '0.5'
info:
label: Workday Org Restructure Sync
description: When an org restructure is processed in Workday, updates Okta group memberships, adjusts ServiceNow assignments, and notifies affected managers via Microsoft Teams.
tags:
- hr
- identity
- workday
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: org-sync
port: 8080
tools:
- name: sync-org-change
description: Given an employee ID with a department transfer, sync access across systems.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday employee ID.
- name: new_department
in: body
type: string
description: New department.
steps:
- name: get-worker
type: call
call: workday.get-worker
with:
employee_id: '{{employee_id}}'
- name: update-okta
type: call
call: okta.update-groups
with:
email: '{{get-worker.email}}'
department: '{{new_department}}'
- name: update-snow
type: call
call: servicenow.update-user
with:
email: '{{get-worker.email}}'
department: '{{new_department}}'
- name: notify-manager
type: call
call: teams.post-message
with:
channel_id: hr-notifications
text: 'Org change: {{get-worker.name}} → {{new_department}}. Access updated.'
consumes:
- type: http
namespace: workday
baseUri: https://wd5-impl-services1.workday.com/ccx/api/v1/comcast
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /workers/{{employee_id}}
operations:
- name: get-worker
method: GET
- type: http
namespace: okta
baseUri: https://comcast.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: groups
path: /users/{{email}}/groups
operations:
- name: update-groups
method: PUT
- type: http
namespace: servicenow
baseUri: https://comcast.service-now.com/api/now
authentication:
type: basic
username: $secrets.snow_user
password: $secrets.snow_password
resources:
- name: users
path: /table/sys_user
operations:
- name: update-user
method: PATCH
- type: http
namespace: teams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.teams_token
resources:
- name: messages
path: /teams/channels/messages
operations:
- name: post-message
method: POST
Provisions access for new contractors by creating an Okta account, assigning groups based on role, opening a ServiceNow access request, and notifying the hiring manager via Teams.
naftiko: '0.5'
info:
label: Contractor Access Provisioning Orchestrator
description: Provisions access for new contractors by creating an Okta account, assigning groups based on role, opening a ServiceNow access request, and notifying the hiring manager via Teams.
tags:
- identity
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: contractor-mgmt
port: 8080
tools:
- name: provision-contractor-access
description: Orchestrate contractor access provisioning across Okta, ServiceNow, and Teams.
inputParameters:
- name: contractor_name
in: body
type: string
description: The contractor's full name.
- name: email
in: body
type: string
description: The contractor's email address.
- name: role
in: body
type: string
description: The contractor's role for group assignment.
- name: manager_email
in: body
type: string
description: The hiring manager's email.
steps:
- name: create-okta-user
type: call
call: okta.create-user
with:
firstName: '{{contractor_name}}'
email: '{{email}}'
userType: contractor
- name: assign-groups
type: call
call: okta.assign-group
with:
user_id: '{{create-okta-user.id}}'
group_name: contractors-{{role}}
- name: create-access-request
type: call
call: servicenow.create-incident
with:
short_description: 'Contractor access provisioned: {{contractor_name}}'
category: access_management
- name: notify-manager
type: call
call: msteams.send-message
with:
recipient: '{{manager_email}}'
message: 'Contractor {{contractor_name}} provisioned. Okta account active, groups assigned for {{role}} role. ServiceNow: {{create-access-request.number}}.'
consumes:
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: bearer
token: $secrets.okta_token
resources:
- name: users
path: /users
operations:
- name: create-user
method: POST
- name: group-assignments
path: /groups/{{group_name}}/users/{{user_id}}
inputParameters:
- name: group_name
in: path
- name: user_id
in: path
operations:
- name: assign-group
method: PUT
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-message
method: POST
Orchestrates the patent filing process by retrieving invention disclosure from SharePoint, creating a tracking ticket in Jira, and notifying the IP legal team via Teams.
naftiko: '0.5'
info:
label: Patent Filing Workflow Orchestrator
description: Orchestrates the patent filing process by retrieving invention disclosure from SharePoint, creating a tracking ticket in Jira, and notifying the IP legal team via Teams.
tags:
- product-lifecycle
- sharepoint
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: ip-management
port: 8080
tools:
- name: initiate-patent-filing
description: Orchestrate patent filing workflow across SharePoint, Jira, and Teams.
inputParameters:
- name: disclosure_id
in: body
type: string
description: The invention disclosure document ID in SharePoint.
steps:
- name: get-disclosure
type: call
call: sharepoint.get-document
with:
document_id: '{{disclosure_id}}'
- name: create-tracking-ticket
type: call
call: jira.create-issue
with:
project: PATENT
summary: 'Patent Filing: {{get-disclosure.title}}'
issue_type: Task
description: 'Invention disclosure: {{get-disclosure.title}} by {{get-disclosure.author}}'
- name: notify-legal
type: call
call: msteams.send-message
with:
channel: ip-legal
message: 'New patent filing initiated: {{get-disclosure.title}}. Jira ticket: {{create-tracking-ticket.key}}.'
consumes:
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0/sites/qualcomm.sharepoint.com
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: documents
path: /drive/items/{{document_id}}
inputParameters:
- name: document_id
in: path
operations:
- name: get-document
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/ip-legal/channels/general/messages
operations:
- name: send-message
method: POST
Monitors MRP exceptions in SAP, identifies critical material shortages, and creates procurement requisitions with notifications to the supply chain team via Teams.
naftiko: '0.5'
info:
label: SAP Material Requirements Planning Alert
description: Monitors MRP exceptions in SAP, identifies critical material shortages, and creates procurement requisitions with notifications to the supply chain team via Teams.
tags:
- supply-chain
- manufacturing
- sap
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: mrp
port: 8080
tools:
- name: process-mrp-exceptions
description: Orchestrate MRP exception handling across SAP and Teams.
inputParameters:
- name: plant
in: body
type: string
description: The SAP plant code.
steps:
- name: get-mrp-exceptions
type: call
call: sap.get-mrp-exceptions
with:
plant: '{{plant}}'
- name: create-requisitions
type: call
call: sap.create-purchase-requisition
with:
plant: '{{plant}}'
materials: '{{get-mrp-exceptions.critical_materials}}'
- name: notify-supply-chain
type: call
call: msteams.send-message
with:
channel: supply-chain-planning
message: 'MRP Alert for plant {{plant}}: {{get-mrp-exceptions.exception_count}} exceptions. {{get-mrp-exceptions.critical_count}} critical shortages. Requisitions created.'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_MRP_MATERIALS_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: mrp-exceptions
path: /A_MRPMaterial?$filter=MRPPlant eq '{{plant}}' and MRPException ne ''
inputParameters:
- name: plant
in: query
operations:
- name: get-mrp-exceptions
method: GET
- name: purchase-requisitions
path: /A_PurchaseRequisition
operations:
- name: create-purchase-requisition
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/supply-chain-planning/channels/general/messages
operations:
- name: send-message
method: POST
Schedules preventive maintenance for fab equipment by checking SAP plant maintenance records, creating a ServiceNow work order, and notifying the maintenance team via Teams.
naftiko: '0.5'
info:
label: Manufacturing Equipment Maintenance Orchestrator
description: Schedules preventive maintenance for fab equipment by checking SAP plant maintenance records, creating a ServiceNow work order, and notifying the maintenance team via Teams.
tags:
- manufacturing
- sap
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: plant-maintenance
port: 8080
tools:
- name: schedule-equipment-maintenance
description: Orchestrate equipment maintenance scheduling across SAP, ServiceNow, and Teams.
inputParameters:
- name: equipment_id
in: body
type: string
description: The SAP equipment ID.
steps:
- name: get-maintenance-schedule
type: call
call: sap.get-maintenance-plan
with:
equipment_id: '{{equipment_id}}'
- name: create-work-order
type: call
call: servicenow.create-incident
with:
short_description: 'PM due: Equipment {{equipment_id}}'
category: plant_maintenance
description: 'Next PM due: {{get-maintenance-schedule.next_due_date}}'
- name: notify-maintenance
type: call
call: msteams.send-message
with:
channel: fab-maintenance
message: 'PM scheduled for equipment {{equipment_id}}. Due: {{get-maintenance-schedule.next_due_date}}. Work order: {{create-work-order.number}}.'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_MAINTENANCE_ORDER_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: maintenance-plans
path: /A_MaintenancePlan?$filter=Equipment eq '{{equipment_id}}'
inputParameters:
- name: equipment_id
in: query
operations:
- name: get-maintenance-plan
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/fab-maintenance/channels/general/messages
operations:
- name: send-message
method: POST
When a new Salesforce account is marked as a customer, creates a ServiceNow onboarding project, provisions a SharePoint collaboration space, and notifies the account team in Teams.
naftiko: '0.5'
info:
label: Salesforce Customer Onboarding Workflow
description: When a new Salesforce account is marked as a customer, creates a ServiceNow onboarding project, provisions a SharePoint collaboration space, and notifies the account team in Teams.
tags:
- crm
- sales
- salesforce
- servicenow
- microsoft-teams
- onboarding
capability:
exposes:
- type: mcp
namespace: customer-onboarding
port: 8080
tools:
- name: trigger-customer-onboarding
description: Given a Salesforce account ID newly converted to customer status, create a ServiceNow onboarding project, provision a SharePoint site, and notify the account team in Teams.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account record ID.
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
account_id: '{{account_id}}'
- name: create-project
type: call
call: servicenow.create-onboarding-project
with:
name: 'Customer Onboarding: {{get-account.name}}'
account_id: '{{account_id}}'
- name: notify-team
type: call
call: msteams.post-customer-welcome
with:
channel_id: account-management
message: 'New customer onboarded: {{get-account.name}}. ServiceNow project: {{create-project.number}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: projects
path: /table/pm_project
operations:
- name: create-onboarding-project
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-customer-welcome
method: POST
Reserves lab equipment for chip testing by checking availability in ServiceNow CMDB, creating a reservation in the scheduling system, and confirming via Teams.
naftiko: '0.5'
info:
label: Lab Equipment Reservation Orchestrator
description: Reserves lab equipment for chip testing by checking availability in ServiceNow CMDB, creating a reservation in the scheduling system, and confirming via Teams.
tags:
- chip-design
- manufacturing
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: lab-mgmt
port: 8080
tools:
- name: reserve-lab-equipment
description: Orchestrate lab equipment reservation across ServiceNow and Teams.
inputParameters:
- name: equipment_type
in: body
type: string
description: Type of lab equipment needed.
- name: requestor_email
in: body
type: string
description: Email of the requesting engineer.
- name: date
in: body
type: string
description: Reservation date in YYYY-MM-DD format.
steps:
- name: check-availability
type: call
call: servicenow.search-ci
with:
type: '{{equipment_type}}'
status: available
- name: create-reservation
type: call
call: servicenow.create-incident
with:
short_description: 'Lab equipment reservation: {{equipment_type}} on {{date}}'
category: lab_reservation
caller_id: '{{requestor_email}}'
- name: confirm-reservation
type: call
call: msteams.send-message
with:
recipient: '{{requestor_email}}'
message: 'Lab reservation confirmed: {{equipment_type}} on {{date}}. Equipment: {{check-availability.name}}. Ticket: {{create-reservation.number}}.'
consumes:
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: cmdb
path: /table/cmdb_ci?sysparm_query=type={{type}}^install_status={{status}}
inputParameters:
- name: type
in: query
- name: status
in: query
operations:
- name: search-ci
method: GET
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-message
method: POST
Escalates customer technical support cases by pulling case details from Salesforce, creating an engineering Jira ticket, and paging the on-call engineer via PagerDuty.
naftiko: '0.5'
info:
label: Customer Technical Support Escalation Orchestrator
description: Escalates customer technical support cases by pulling case details from Salesforce, creating an engineering Jira ticket, and paging the on-call engineer via PagerDuty.
tags:
- support
- salesforce
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: tech-support
port: 8080
tools:
- name: escalate-support-case
description: Orchestrate technical support escalation across Salesforce, Jira, and PagerDuty.
inputParameters:
- name: case_id
in: body
type: string
description: The Salesforce case ID.
steps:
- name: get-case
type: call
call: salesforce.get-case
with:
case_id: '{{case_id}}'
- name: create-eng-ticket
type: call
call: jira.create-issue
with:
project: CUSTSUP
summary: 'Escalation: {{get-case.Subject}}'
issue_type: Bug
priority: High
description: 'Customer: {{get-case.Account.Name}}. Description: {{get-case.Description}}'
- name: page-engineer
type: call
call: pagerduty.create-incident
with:
service_id: customer-engineering
title: 'Customer escalation: {{get-case.Subject}}'
urgency: high
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: cases
path: /sobjects/Case/{{case_id}}
inputParameters:
- name: case_id
in: path
operations:
- name: get-case
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
Retrieves all group memberships for a specified Okta user by their email address.
naftiko: '0.5'
info:
label: Okta User Group Membership Lookup
description: Retrieves all group memberships for a specified Okta user by their email address.
tags:
- identity
- okta
- access-management
capability:
exposes:
- type: mcp
namespace: identity
port: 8080
tools:
- name: get-user-groups
description: Look up all Okta groups assigned to a user by email address.
inputParameters:
- name: user_email
in: body
type: string
description: The email address of the Okta user.
call: okta.get-user-groups
with:
user_id: '{{user_email}}'
outputParameters:
- name: groups
type: array
mapping: $[*].profile.name
consumes:
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: bearer
token: $secrets.okta_token
resources:
- name: user-groups
path: /users/{{user_id}}/groups
inputParameters:
- name: user_id
in: path
operations:
- name: get-user-groups
method: GET
Runs quality gate checks for Snapdragon processors by pulling test results from Snowflake, verifying defect counts in Jira, and updating the SAP quality inspection record.
naftiko: '0.5'
info:
label: Snapdragon Processor Quality Gate Orchestrator
description: Runs quality gate checks for Snapdragon processors by pulling test results from Snowflake, verifying defect counts in Jira, and updating the SAP quality inspection record.
tags:
- manufacturing
- chip-design
- snowflake
- jira
- sap
capability:
exposes:
- type: mcp
namespace: quality
port: 8080
tools:
- name: run-quality-gate
description: Orchestrate quality gate checks across Snowflake test data, Jira defects, and SAP quality inspection.
inputParameters:
- name: product_id
in: body
type: string
description: The Snapdragon processor product ID.
- name: lot_number
in: body
type: string
description: The manufacturing lot number.
steps:
- name: get-test-results
type: call
call: snowflake.execute-query
with:
statement: SELECT pass_rate, fail_count, test_suite FROM quality_results WHERE product_id = '{{product_id}}' AND lot = '{{lot_number}}'
- name: get-open-defects
type: call
call: jira.search-issues
with:
jql: project = SNAPQUAL AND labels = {{product_id}} AND status != Closed
- name: update-quality-record
type: call
call: sap.update-quality-inspection
with:
lot_number: '{{lot_number}}'
pass_rate: '{{get-test-results.pass_rate}}'
open_defects: '{{get-open-defects.total}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: search
path: /search
operations:
- name: search-issues
method: POST
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_QUALITY_INSPECTION_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: inspections
path: /A_QualityInspection
operations:
- name: update-quality-inspection
method: PATCH
Checks that all merged pull requests on protected branches in GitHub meet minimum review approval counts, and flags violations in Jira.
naftiko: '0.5'
info:
label: GitHub Code Review Compliance Check
description: Checks that all merged pull requests on protected branches in GitHub meet minimum review approval counts, and flags violations in Jira.
tags:
- devops
- engineering
- github
- jira
- compliance
- code-review
capability:
exposes:
- type: mcp
namespace: code-governance
port: 8080
tools:
- name: check-pr-review-compliance
description: Given a GitHub repository and date range, scan merged PRs for insufficient review approvals and create Jira compliance tickets for any violations.
inputParameters:
- name: repository
in: body
type: string
description: The GitHub repository in owner/repo format.
- name: min_approvals
in: body
type: integer
description: Minimum number of required review approvals per PR.
steps:
- name: get-merged-prs
type: call
call: github.list-merged-prs
with:
repository: '{{repository}}'
- name: create-violation-ticket
type: call
call: jira.create-compliance-issue
with:
project_key: SEC
issuetype: Task
summary: PR review compliance violations in {{repository}}
description: '{{get-merged-prs.violation_count}} PRs merged with fewer than {{min_approvals}} approvals.'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: pull-requests
path: /repos/{{repository}}/pulls
inputParameters:
- name: repository
in: path
operations:
- name: list-merged-prs
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-compliance-issue
method: POST
When an employee departure is confirmed in Workday, revokes Microsoft 365 access, closes open ServiceNow tickets, and transfers Salesforce account ownership.
naftiko: '0.5'
info:
label: Employee Offboarding Orchestrator
description: When an employee departure is confirmed in Workday, revokes Microsoft 365 access, closes open ServiceNow tickets, and transfers Salesforce account ownership.
tags:
- hr
- offboarding
- workday
- microsoft-graph
- servicenow
- salesforce
capability:
exposes:
- type: mcp
namespace: hr-offboarding
port: 8080
tools:
- name: trigger-offboarding
description: Given a Workday employee ID and termination date, revoke Microsoft 365 access, close open ServiceNow tickets, and reassign Salesforce records to the employee's manager.
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday worker ID for the departing employee.
- name: termination_date
in: body
type: string
description: The employee termination date in YYYY-MM-DD format.
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: '{{employee_id}}'
- name: revoke-access
type: call
call: msgraph.disable-user
with:
user_id: '{{get-employee.azure_object_id}}'
- name: close-tickets
type: call
call: servicenow.close-user-tickets
with:
caller_id: '{{get-employee.work_email}}'
- name: reassign-accounts
type: call
call: salesforce.reassign-owner
with:
from_user_id: '{{get-employee.salesforce_user_id}}'
to_user_id: '{{get-employee.manager_salesforce_id}}'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /qualcomm/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: msgraph
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: users
path: /users/{{user_id}}
inputParameters:
- name: user_id
in: path
operations:
- name: disable-user
method: PATCH
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: close-user-tickets
method: PATCH
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account
operations:
- name: reassign-owner
method: PATCH
After a Salesforce opportunity closes as Won, dispatches a net promoter score survey to the primary contact and records the response back on the account.
naftiko: '0.5'
info:
label: Salesforce NPS Survey Dispatch
description: After a Salesforce opportunity closes as Won, dispatches a net promoter score survey to the primary contact and records the response back on the account.
tags:
- crm
- sales
- salesforce
- customer-success
- nps
capability:
exposes:
- type: mcp
namespace: customer-success
port: 8080
tools:
- name: dispatch-nps-survey
description: Given a Salesforce opportunity ID closed as Won, retrieve the primary contact, send an NPS survey link via Microsoft Teams, and log the dispatch on the account.
inputParameters:
- name: opportunity_id
in: body
type: string
description: The Salesforce opportunity ID that was closed Won.
steps:
- name: get-opportunity
type: call
call: salesforce-opp.get-opportunity
with:
opportunity_id: '{{opportunity_id}}'
- name: get-contact
type: call
call: salesforce-contact.get-contact
with:
contact_id: '{{get-opportunity.primary_contact_id}}'
- name: send-survey
type: call
call: msteams.send-nps-survey
with:
recipient: '{{get-contact.email}}'
message: 'Thank you for choosing Qualcomm. Please take a moment to share your feedback: https://survey.qualcomm.com/nps/{{opportunity_id}}'
consumes:
- type: http
namespace: salesforce-opp
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /sobjects/Opportunity/{{opportunity_id}}
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: salesforce-contact
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: contacts
path: /sobjects/Contact/{{contact_id}}
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-nps-survey
method: POST
Reconciles goods receipts against invoices in SAP S/4HANA, flags discrepancies, and creates a ServiceNow ticket for the accounts payable team.
naftiko: '0.5'
info:
label: SAP Goods Receipt to Invoice Reconciliation
description: Reconciles goods receipts against invoices in SAP S/4HANA, flags discrepancies, and creates a ServiceNow ticket for the accounts payable team.
tags:
- finance
- procurement
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: finance-ops
port: 8080
tools:
- name: reconcile-gr-invoices
description: Orchestrate goods receipt to invoice reconciliation across SAP and ServiceNow.
inputParameters:
- name: po_number
in: body
type: string
description: The SAP purchase order number.
steps:
- name: get-goods-receipts
type: call
call: sap.get-goods-receipts
with:
po_number: '{{po_number}}'
- name: get-invoices
type: call
call: sap.get-invoices
with:
po_number: '{{po_number}}'
- name: create-discrepancy-ticket
type: call
call: servicenow.create-incident
with:
short_description: GR/Invoice discrepancy for PO {{po_number}}
category: accounts_payable
description: 'GR total: {{get-goods-receipts.total}}, Invoice total: {{get-invoices.total}}'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_INBOUND_DELIVERY_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: goods-receipts
path: /A_InbDeliveryHeader?$filter=PurchaseOrder eq '{{po_number}}'
inputParameters:
- name: po_number
in: query
operations:
- name: get-goods-receipts
method: GET
- name: invoices
path: /A_SupplierInvoice?$filter=PurchaseOrder eq '{{po_number}}'
inputParameters:
- name: po_number
in: query
operations:
- name: get-invoices
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
When a new engineering requisition is approved in Workday, posts the job to LinkedIn, creates a recruiting pipeline in Jira, and notifies the recruiting team via Teams.
naftiko: '0.5'
info:
label: Engineering Talent Requisition Orchestrator
description: When a new engineering requisition is approved in Workday, posts the job to LinkedIn, creates a recruiting pipeline in Jira, and notifies the recruiting team via Teams.
tags:
- hr
- workday
- linkedin
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: talent-acquisition
port: 8080
tools:
- name: process-engineering-requisition
description: Orchestrate engineering requisition across Workday, LinkedIn, Jira, and Teams.
inputParameters:
- name: requisition_id
in: body
type: string
description: The Workday requisition ID.
steps:
- name: get-requisition
type: call
call: workday.get-requisition
with:
requisition_id: '{{requisition_id}}'
- name: post-to-linkedin
type: call
call: linkedin.create-job-posting
with:
title: '{{get-requisition.title}}'
description: '{{get-requisition.description}}'
location: '{{get-requisition.location}}'
- name: create-pipeline
type: call
call: jira.create-issue
with:
project: RECRUIT
summary: 'Recruiting Pipeline: {{get-requisition.title}}'
issue_type: Epic
- name: notify-recruiters
type: call
call: msteams.send-message
with:
channel: engineering-recruiting
message: 'New requisition: {{get-requisition.title}} in {{get-requisition.location}}. LinkedIn posted, Jira epic: {{create-pipeline.key}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: requisitions
path: /qualcomm/recruiting/requisitions/{{requisition_id}}
inputParameters:
- name: requisition_id
in: path
operations:
- name: get-requisition
method: GET
- type: http
namespace: linkedin
baseUri: https://api.linkedin.com/v2
authentication:
type: bearer
token: $secrets.linkedin_token
resources:
- name: job-postings
path: /simpleJobPostings
operations:
- name: create-job-posting
method: POST
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/engineering-recruiting/channels/general/messages
operations:
- name: send-message
method: POST
When a Snowflake data pipeline fails, captures error details, creates a Jira incident, and triggers a retry with notification to the data engineering Teams channel.
naftiko: '0.5'
info:
label: Data Pipeline Failure Recovery Orchestrator
description: When a Snowflake data pipeline fails, captures error details, creates a Jira incident, and triggers a retry with notification to the data engineering Teams channel.
tags:
- data-engineering
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-engineering
port: 8080
tools:
- name: recover-pipeline-failure
description: Orchestrate data pipeline failure recovery across Snowflake, Jira, and Teams.
inputParameters:
- name: pipeline_name
in: body
type: string
description: The name of the failed data pipeline.
- name: task_id
in: body
type: string
description: The Snowflake task ID that failed.
steps:
- name: get-error-details
type: call
call: snowflake.execute-query
with:
statement: SELECT error_message, scheduled_time FROM table(information_schema.task_history()) WHERE name = '{{pipeline_name}}' ORDER BY scheduled_time DESC LIMIT 1
- name: create-incident
type: call
call: jira.create-issue
with:
project: DATAENG
summary: 'Pipeline failure: {{pipeline_name}}'
issue_type: Bug
priority: High
description: 'Error: {{get-error-details.error_message}}'
- name: notify-data-team
type: call
call: msteams.send-message
with:
channel: data-engineering
message: 'Pipeline {{pipeline_name}} failed. Error: {{get-error-details.error_message}}. Jira: {{create-incident.key}}.'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/data-engineering/channels/general/messages
operations:
- name: send-message
method: POST
Validates vendor compliance by checking SAP Ariba supplier certifications, querying Snowflake for delivery performance metrics, and creating a compliance report in Confluence.
naftiko: '0.5'
info:
label: Semiconductor Vendor Compliance Orchestrator
description: Validates vendor compliance by checking SAP Ariba supplier certifications, querying Snowflake for delivery performance metrics, and creating a compliance report in Confluence.
tags:
- supply-chain
- procurement
- sap
- snowflake
- confluence
capability:
exposes:
- type: mcp
namespace: vendor-compliance
port: 8080
tools:
- name: run-vendor-compliance-check
description: Orchestrate vendor compliance review across SAP Ariba, Snowflake, and Confluence.
inputParameters:
- name: vendor_id
in: body
type: string
description: The SAP vendor ID.
steps:
- name: get-certifications
type: call
call: ariba.get-supplier-profile
with:
vendor_id: '{{vendor_id}}'
- name: get-delivery-metrics
type: call
call: snowflake.execute-query
with:
statement: SELECT on_time_rate, quality_rate, avg_lead_days FROM vendor_performance WHERE vendor_id = '{{vendor_id}}'
- name: create-compliance-report
type: call
call: confluence.create-page
with:
space: PROCUREMENT
title: Vendor Compliance Report - {{vendor_id}}
body: 'Certifications: {{get-certifications.cert_status}}. On-time rate: {{get-delivery-metrics.on_time_rate}}%. Quality rate: {{get-delivery-metrics.quality_rate}}%.'
consumes:
- type: http
namespace: ariba
baseUri: https://openapi.ariba.com/api/supplier-management/v1
authentication:
type: bearer
token: $secrets.ariba_token
resources:
- name: suppliers
path: /suppliers/{{vendor_id}}
inputParameters:
- name: vendor_id
in: path
operations:
- name: get-supplier-profile
method: GET
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: confluence
baseUri: https://qualcomm.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /content
operations:
- name: create-page
method: POST
Detects Datadog cloud infrastructure cost anomalies exceeding threshold and opens a ServiceNow investigation ticket while alerting the FinOps team in Teams.
naftiko: '0.5'
info:
label: Datadog Infrastructure Cost Anomaly Responder
description: Detects Datadog cloud infrastructure cost anomalies exceeding threshold and opens a ServiceNow investigation ticket while alerting the FinOps team in Teams.
tags:
- cloud
- finops
- datadog
- servicenow
- microsoft-teams
- cost-management
capability:
exposes:
- type: mcp
namespace: finops
port: 8080
tools:
- name: respond-to-cost-anomaly
description: Given a Datadog metric query for cloud spend, detect if current spend exceeds the anomaly threshold and create a ServiceNow investigation ticket with cost details.
inputParameters:
- name: metric_query
in: body
type: string
description: Datadog metric query string for cloud cost metrics.
- name: threshold_usd
in: body
type: number
description: Spend threshold in USD above which an anomaly is flagged.
steps:
- name: query-metrics
type: call
call: datadog.query-metrics
with:
query: '{{metric_query}}'
- name: open-investigation
type: call
call: servicenow.create-cost-ticket
with:
short_description: 'Cloud cost anomaly detected: spend exceeds ${{threshold_usd}}'
description: 'Current spend: {{query-metrics.value}}. Threshold: {{threshold_usd}}.'
- name: alert-finops
type: call
call: msteams.post-cost-alert
with:
channel_id: finops-team
message: 'Cost anomaly: current spend {{query-metrics.value}} exceeds threshold ${{threshold_usd}}. ServiceNow: {{open-investigation.number}}'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: metrics-query
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-cost-ticket
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-cost-alert
method: POST
Retrieves account details from Salesforce by account ID including name, industry, annual revenue, and account owner.
naftiko: '0.5'
info:
label: Salesforce Account Details Lookup
description: Retrieves account details from Salesforce by account ID including name, industry, annual revenue, and account owner.
tags:
- sales
- salesforce
- crm
capability:
exposes:
- type: mcp
namespace: crm
port: 8080
tools:
- name: get-account-details
description: Look up a Salesforce account by ID and return key account information.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account ID.
call: salesforce.get-account
with:
account_id: '{{account_id}}'
outputParameters:
- name: name
type: string
mapping: $.Name
- name: industry
type: string
mapping: $.Industry
- name: annual_revenue
type: number
mapping: $.AnnualRevenue
- name: owner
type: string
mapping: $.Owner.Name
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account
method: GET
Retrieves an employee's current leave balances and pending absence requests from Workday for use by HR business partners and managers.
naftiko: '0.5'
info:
label: Workday Absence and Leave Balance Lookup
description: Retrieves an employee's current leave balances and pending absence requests from Workday for use by HR business partners and managers.
tags:
- hr
- workday
- leave-management
capability:
exposes:
- type: mcp
namespace: hr-leave
port: 8080
tools:
- name: get-leave-balance
description: Given a Workday employee ID, return current PTO, sick leave, and other leave balances along with any pending absence requests.
inputParameters:
- name: employee_id
in: body
type: string
description: The Workday worker ID.
call: workday.get-leave-balance
with:
worker_id: '{{employee_id}}'
outputParameters:
- name: pto_balance
type: number
mapping: $.data.timeOffBalances.ptoBalance
- name: sick_balance
type: number
mapping: $.data.timeOffBalances.sickBalance
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: leave-balances
path: /qualcomm/workers/{{worker_id}}/timeOffBalances
inputParameters:
- name: worker_id
in: path
operations:
- name: get-leave-balance
method: GET
When Dependabot alerts are detected, retrieves alert details from GitHub, creates a remediation Jira ticket, and notifies the security team via Teams.
naftiko: '0.5'
info:
label: GitHub Dependabot Alert Remediation Orchestrator
description: When Dependabot alerts are detected, retrieves alert details from GitHub, creates a remediation Jira ticket, and notifies the security team via Teams.
tags:
- security
- github
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: devsecops
port: 8080
tools:
- name: remediate-dependabot-alert
description: Orchestrate Dependabot alert remediation across GitHub, Jira, and Teams.
inputParameters:
- name: repo_name
in: body
type: string
description: The GitHub repository name.
- name: alert_number
in: body
type: number
description: The Dependabot alert number.
steps:
- name: get-alert-details
type: call
call: github.get-dependabot-alert
with:
repo: '{{repo_name}}'
alert_number: '{{alert_number}}'
- name: create-remediation-ticket
type: call
call: jira.create-issue
with:
project: SEC
summary: 'Dependabot: {{get-alert-details.security_advisory.summary}}'
issue_type: Bug
priority: '{{get-alert-details.security_advisory.severity}}'
- name: notify-security
type: call
call: msteams.send-message
with:
channel: appsec
message: 'Dependabot alert in {{repo_name}}: {{get-alert-details.security_advisory.summary}}. Severity: {{get-alert-details.security_advisory.severity}}. Jira: {{create-remediation-ticket.key}}.'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: dependabot-alerts
path: /repos/{{repo}}/dependabot/alerts/{{alert_number}}
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-dependabot-alert
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/appsec/channels/general/messages
operations:
- name: send-message
method: POST
Conducts quarterly access reviews by pulling user entitlements from Okta, comparing against roles in Workday, and generating a review report in Confluence.
naftiko: '0.5'
info:
label: Quarterly Access Review Orchestrator
description: Conducts quarterly access reviews by pulling user entitlements from Okta, comparing against roles in Workday, and generating a review report in Confluence.
tags:
- compliance
- identity
- okta
- workday
- confluence
capability:
exposes:
- type: mcp
namespace: access-governance
port: 8080
tools:
- name: run-quarterly-access-review
description: Orchestrate quarterly access review across Okta, Workday, and Confluence.
inputParameters:
- name: department
in: body
type: string
description: The department to review.
- name: review_period
in: body
type: string
description: The review period (e.g., 2026-Q1).
steps:
- name: get-okta-entitlements
type: call
call: okta.list-users
with:
filter: profile.department eq '{{department}}'
- name: get-workday-roles
type: call
call: workday.get-department-workers
with:
department: '{{department}}'
- name: publish-review-report
type: call
call: confluence.create-page
with:
space: IAM
title: Access Review - {{department}} - {{review_period}}
body: 'Okta users: {{get-okta-entitlements.count}}. Workday active employees: {{get-workday-roles.count}}. Review required for discrepancies.'
consumes:
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: bearer
token: $secrets.okta_token
resources:
- name: users
path: /users
operations:
- name: list-users
method: GET
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /qualcomm/workers?department={{department}}
inputParameters:
- name: department
in: query
operations:
- name: get-department-workers
method: GET
- type: http
namespace: confluence
baseUri: https://qualcomm.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /content
operations:
- name: create-page
method: POST
Retrieves the title and body content of a Confluence page by page ID.
naftiko: '0.5'
info:
label: Confluence Page Content Lookup
description: Retrieves the title and body content of a Confluence page by page ID.
tags:
- documentation
- confluence
- knowledge-management
capability:
exposes:
- type: mcp
namespace: docs
port: 8080
tools:
- name: get-page-content
description: Retrieve a Confluence page title and body content by page ID.
inputParameters:
- name: page_id
in: body
type: string
description: The Confluence page ID.
call: confluence.get-page
with:
page_id: '{{page_id}}'
outputParameters:
- name: title
type: string
mapping: $.title
- name: body
type: string
mapping: $.body.storage.value
consumes:
- type: http
namespace: confluence
baseUri: https://qualcomm.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /content/{{page_id}}?expand=body.storage
inputParameters:
- name: page_id
in: path
operations:
- name: get-page
method: GET
Processes a return merchandise authorization by looking up the order in SAP, creating a Salesforce case, and generating a return shipping label notification via Teams.
naftiko: '0.5'
info:
label: Customer RMA Processing Orchestrator
description: Processes a return merchandise authorization by looking up the order in SAP, creating a Salesforce case, and generating a return shipping label notification via Teams.
tags:
- supply-chain
- product-lifecycle
- sap
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: rma
port: 8080
tools:
- name: process-rma
description: Orchestrate RMA processing across SAP, Salesforce, and Teams.
inputParameters:
- name: order_number
in: body
type: string
description: The original SAP sales order number.
- name: reason
in: body
type: string
description: The return reason description.
steps:
- name: get-order
type: call
call: sap.get-sales-order
with:
order_number: '{{order_number}}'
- name: create-case
type: call
call: salesforce.create-case
with:
subject: RMA for order {{order_number}}
description: 'Return reason: {{reason}}. Customer: {{get-order.customer_name}}'
origin: API
- name: notify-logistics
type: call
call: msteams.send-message
with:
channel: logistics-ops
message: 'RMA created for order {{order_number}}. Customer: {{get-order.customer_name}}. Case: {{create-case.CaseNumber}}. Reason: {{reason}}.'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_SALES_ORDER_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: sales-orders
path: /A_SalesOrder('{{order_number}}')
inputParameters:
- name: order_number
in: path
operations:
- name: get-sales-order
method: GET
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: cases
path: /sobjects/Case
operations:
- name: create-case
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/logistics-ops/channels/general/messages
operations:
- name: send-message
method: POST
Orchestrates intercompany stock transfers by creating transfer orders in SAP, updating inventory in Snowflake, and notifying logistics via Teams.
naftiko: '0.5'
info:
label: SAP Intercompany Transfer Orchestrator
description: Orchestrates intercompany stock transfers by creating transfer orders in SAP, updating inventory in Snowflake, and notifying logistics via Teams.
tags:
- supply-chain
- sap
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: logistics
port: 8080
tools:
- name: process-intercompany-transfer
description: Orchestrate intercompany transfer across SAP, Snowflake, and Teams.
inputParameters:
- name: material_number
in: body
type: string
description: The SAP material number.
- name: source_plant
in: body
type: string
description: The source plant code.
- name: target_plant
in: body
type: string
description: The target plant code.
- name: quantity
in: body
type: number
description: Transfer quantity.
steps:
- name: create-transfer-order
type: call
call: sap.create-stock-transfer
with:
material: '{{material_number}}'
source: '{{source_plant}}'
target: '{{target_plant}}'
quantity: '{{quantity}}'
- name: update-inventory-ledger
type: call
call: snowflake.execute-query
with:
statement: CALL update_inventory_transfer('{{material_number}}', '{{source_plant}}', '{{target_plant}}', {{quantity}})
- name: notify-logistics
type: call
call: msteams.send-message
with:
channel: logistics-ops
message: 'Intercompany transfer created: {{material_number}} x{{quantity}} from {{source_plant}} to {{target_plant}}. SAP TO: {{create-transfer-order.transfer_order_number}}.'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_STOCK_TRANSFER_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: stock-transfers
path: /A_StockTransfer
operations:
- name: create-stock-transfer
method: POST
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/logistics-ops/channels/general/messages
operations:
- name: send-message
method: POST
When a purchase requisition is submitted in SAP Ariba, validates the budget in SAP S/4HANA and posts an approval notification to Microsoft Teams.
naftiko: '0.5'
info:
label: SAP Ariba Procurement Requisition Approval
description: When a purchase requisition is submitted in SAP Ariba, validates the budget in SAP S/4HANA and posts an approval notification to Microsoft Teams.
tags:
- procurement
- finance
- sap-ariba
- sap
- microsoft-teams
- approval
capability:
exposes:
- type: mcp
namespace: procurement
port: 8080
tools:
- name: approve-requisition
description: Given an SAP Ariba requisition ID, fetch the requisition details, validate available budget in SAP S/4HANA, and notify the approver in Microsoft Teams.
inputParameters:
- name: requisition_id
in: body
type: string
description: The SAP Ariba purchase requisition ID.
- name: approver_email
in: body
type: string
description: Email address of the designated approver.
steps:
- name: get-requisition
type: call
call: ariba.get-requisition
with:
requisition_id: '{{requisition_id}}'
- name: check-budget
type: call
call: sap-budget.get-cost-center-budget
with:
cost_center: '{{get-requisition.cost_center}}'
fiscal_year: '{{get-requisition.fiscal_year}}'
- name: notify-approver
type: call
call: msteams-notify.send-message
with:
recipient: '{{approver_email}}'
message: 'Requisition {{requisition_id}} for {{get-requisition.total_amount}} {{get-requisition.currency}} awaits your approval. Available budget: {{check-budget.available_amount}}.'
consumes:
- type: http
namespace: ariba
baseUri: https://openapi.ariba.com/api/purchase-requisition/v1
authentication:
type: apikey
key: APIKey
value: $secrets.ariba_api_key
placement: header
resources:
- name: requisitions
path: /requisitions/{{requisition_id}}
inputParameters:
- name: requisition_id
in: path
operations:
- name: get-requisition
method: GET
- type: http
namespace: sap-budget
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/FM_BUDGET_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: cost-center-budgets
path: /BudgetAvailability
operations:
- name: get-cost-center-budget
method: GET
- type: http
namespace: msteams-notify
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: chat-messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-message
method: POST
When a chipset reaches end-of-life, retrieves affected customer accounts from Salesforce, generates a last-buy notification, and updates the product status in SAP.
naftiko: '0.5'
info:
label: Product End-of-Life Notification Orchestrator
description: When a chipset reaches end-of-life, retrieves affected customer accounts from Salesforce, generates a last-buy notification, and updates the product status in SAP.
tags:
- product-lifecycle
- salesforce
- sap
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: product-lifecycle
port: 8080
tools:
- name: process-eol-notification
description: Orchestrate product EOL notification across Salesforce, SAP, and Teams.
inputParameters:
- name: product_id
in: body
type: string
description: The chipset product ID being discontinued.
- name: last_buy_date
in: body
type: string
description: The last-buy date in YYYY-MM-DD format.
steps:
- name: get-affected-customers
type: call
call: salesforce.query
with:
soql: SELECT Account.Name, Account.Id FROM OpportunityLineItem WHERE Product2.ProductCode = '{{product_id}}' AND Opportunity.IsClosed = false
- name: update-sap-status
type: call
call: sap.update-material-status
with:
material: '{{product_id}}'
status: EOL
last_buy_date: '{{last_buy_date}}'
- name: notify-sales
type: call
call: msteams.send-message
with:
channel: sales-operations
message: 'EOL Notice: Product {{product_id}} discontinued. Last buy: {{last_buy_date}}. Affected accounts: {{get-affected-customers.totalSize}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: query
path: /query
operations:
- name: query
method: GET
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_PRODUCT_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: materials
path: /A_Product('{{material}}')
inputParameters:
- name: material
in: path
operations:
- name: update-material-status
method: PATCH
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/sales-operations/channels/general/messages
operations:
- name: send-message
method: POST
Scans Okta for users without MFA enrolled and sends a compliance warning via Microsoft Teams, with automatic suspension after the grace period.
naftiko: '0.5'
info:
label: Okta MFA Compliance Enforcement
description: Scans Okta for users without MFA enrolled and sends a compliance warning via Microsoft Teams, with automatic suspension after the grace period.
tags:
- security
- identity
- okta
- microsoft-teams
- compliance
capability:
exposes:
- type: mcp
namespace: mfa-compliance
port: 8080
tools:
- name: enforce-mfa-compliance
description: Query Okta for active users without MFA enrolled, send each a Teams warning message, and return the list of non-compliant users for escalation.
inputParameters:
- name: grace_days
in: body
type: integer
description: Number of days before automatic account suspension for non-compliant users.
steps:
- name: get-non-mfa-users
type: call
call: okta.list-users-without-mfa
with:
status: ACTIVE
- name: send-warnings
type: call
call: msteams.broadcast-mfa-warning
with:
channel_id: security-compliance
message: '{{get-non-mfa-users.count}} users have not enrolled in MFA. Grace period: {{grace_days}} days before suspension.'
consumes:
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_api_token
placement: header
resources:
- name: users
path: /users
operations:
- name: list-users-without-mfa
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: broadcast-mfa-warning
method: POST
At month end, triggers the SAP S/4HANA period-close process, exports a trial balance, and posts a confirmation message to the finance Microsoft Teams channel.
naftiko: '0.5'
info:
label: SAP Period-Close Financial Reconciliation
description: At month end, triggers the SAP S/4HANA period-close process, exports a trial balance, and posts a confirmation message to the finance Microsoft Teams channel.
tags:
- finance
- erp
- sap
- microsoft-teams
- period-close
capability:
exposes:
- type: mcp
namespace: finance-close
port: 8080
tools:
- name: run-period-close
description: Given a fiscal period and company code, trigger SAP S/4HANA period-close postings and notify the finance team in Teams when complete.
inputParameters:
- name: company_code
in: body
type: string
description: The SAP company code (e.g., 1000 for Qualcomm US).
- name: fiscal_period
in: body
type: string
description: Fiscal period in YYYYMM format.
steps:
- name: trigger-close
type: call
call: sap.trigger-period-close
with:
company_code: '{{company_code}}'
fiscal_period: '{{fiscal_period}}'
- name: notify-finance
type: call
call: msteams.post-close-notification
with:
channel_id: finance-team
message: 'Period close for {{fiscal_period}} (company code {{company_code}}) initiated. SAP job ID: {{trigger-close.job_id}}'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_JOURNALENTRYITEMBASIC_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: period-close
path: /A_CompanyCode('{{company_code}}')/to_PeriodClose
inputParameters:
- name: company_code
in: path
operations:
- name: trigger-period-close
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-close-notification
method: POST
Retires IT assets by updating the ServiceNow CMDB, revoking Okta access tied to the device, and creating an SAP asset disposal record.
naftiko: '0.5'
info:
label: IT Asset Lifecycle Retirement Orchestrator
description: Retires IT assets by updating the ServiceNow CMDB, revoking Okta access tied to the device, and creating an SAP asset disposal record.
tags:
- itsm
- servicenow
- okta
- sap
capability:
exposes:
- type: mcp
namespace: asset-mgmt
port: 8080
tools:
- name: retire-it-asset
description: Orchestrate IT asset retirement across ServiceNow, Okta, and SAP.
inputParameters:
- name: asset_tag
in: body
type: string
description: The IT asset tag number.
steps:
- name: get-asset-details
type: call
call: servicenow.get-ci
with:
asset_tag: '{{asset_tag}}'
- name: revoke-device-access
type: call
call: okta.deactivate-device
with:
device_id: '{{get-asset-details.device_id}}'
- name: create-disposal-record
type: call
call: sap.create-asset-disposal
with:
asset_number: '{{get-asset-details.sap_asset_number}}'
disposal_date: '{{today}}'
- name: update-cmdb
type: call
call: servicenow.update-ci
with:
sys_id: '{{get-asset-details.sys_id}}'
install_status: retired
consumes:
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: cmdb
path: /table/cmdb_ci?sysparm_query=asset_tag={{asset_tag}}
inputParameters:
- name: asset_tag
in: query
operations:
- name: get-ci
method: GET
- name: update-ci
method: PATCH
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: bearer
token: $secrets.okta_token
resources:
- name: devices
path: /devices/{{device_id}}/lifecycle/deactivate
inputParameters:
- name: device_id
in: path
operations:
- name: deactivate-device
method: POST
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_FIXEDASSET_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: asset-disposal
path: /A_FixedAssetRetirement
operations:
- name: create-asset-disposal
method: POST
Retrieves the status and expiration date of a contract in SAP Ariba by contract ID.
naftiko: '0.5'
info:
label: SAP Ariba Contract Status Lookup
description: Retrieves the status and expiration date of a contract in SAP Ariba by contract ID.
tags:
- procurement
- sap
- contract-management
capability:
exposes:
- type: mcp
namespace: procurement
port: 8080
tools:
- name: get-contract-status
description: Look up a contract in SAP Ariba and return its status, effective date, and expiration date.
inputParameters:
- name: contract_id
in: body
type: string
description: The SAP Ariba contract ID.
call: ariba.get-contract
with:
contract_id: '{{contract_id}}'
outputParameters:
- name: status
type: string
mapping: $.Status
- name: effective_date
type: string
mapping: $.EffectiveDate
- name: expiration_date
type: string
mapping: $.ExpirationDate
consumes:
- type: http
namespace: ariba
baseUri: https://openapi.ariba.com/api/contract-compliance/v1
authentication:
type: bearer
token: $secrets.ariba_token
resources:
- name: contracts
path: /contracts/{{contract_id}}
inputParameters:
- name: contract_id
in: path
operations:
- name: get-contract
method: GET
Validates export compliance for semiconductor shipments by checking customer details in Salesforce, verifying export classifications in SAP, and logging the compliance check in ServiceNow.
naftiko: '0.5'
info:
label: Semiconductor Export Compliance Check Orchestrator
description: Validates export compliance for semiconductor shipments by checking customer details in Salesforce, verifying export classifications in SAP, and logging the compliance check in ServiceNow.
tags:
- compliance
- supply-chain
- salesforce
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: export-compliance
port: 8080
tools:
- name: check-export-compliance
description: Orchestrate export compliance validation across Salesforce, SAP, and ServiceNow.
inputParameters:
- name: order_id
in: body
type: string
description: The sales order ID.
- name: destination_country
in: body
type: string
description: The destination country code.
steps:
- name: get-customer-details
type: call
call: salesforce.get-account-by-order
with:
order_id: '{{order_id}}'
- name: check-export-classification
type: call
call: sap.get-export-classification
with:
order_id: '{{order_id}}'
country: '{{destination_country}}'
- name: log-compliance-check
type: call
call: servicenow.create-incident
with:
short_description: 'Export compliance check: Order {{order_id}} to {{destination_country}}'
category: compliance
description: 'Customer: {{get-customer-details.name}}. Classification: {{check-export-classification.eccn}}. Status: {{check-export-classification.status}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Order/{{order_id}}
inputParameters:
- name: order_id
in: path
operations:
- name: get-account-by-order
method: GET
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_EXPORT_CONTROL_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: export-classification
path: /A_ExportControl?$filter=SalesOrder eq '{{order_id}}'
inputParameters:
- name: order_id
in: query
operations:
- name: get-export-classification
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
Retrieves cloud recording details for a specified Zoom meeting ID.
naftiko: '0.5'
info:
label: Zoom Meeting Recording Lookup
description: Retrieves cloud recording details for a specified Zoom meeting ID.
tags:
- collaboration
- zoom
- meetings
capability:
exposes:
- type: mcp
namespace: collaboration
port: 8080
tools:
- name: get-meeting-recordings
description: Look up cloud recordings for a Zoom meeting and return recording URLs and duration.
inputParameters:
- name: meeting_id
in: body
type: string
description: The Zoom meeting ID.
call: zoom.get-recordings
with:
meeting_id: '{{meeting_id}}'
outputParameters:
- name: recording_count
type: number
mapping: $.recording_count
- name: recording_files
type: array
mapping: $.recording_files[*].download_url
consumes:
- type: http
namespace: zoom
baseUri: https://api.zoom.us/v2
authentication:
type: bearer
token: $secrets.zoom_token
resources:
- name: recordings
path: /meetings/{{meeting_id}}/recordings
inputParameters:
- name: meeting_id
in: path
operations:
- name: get-recordings
method: GET
Queries Snowflake query history to surface long-running and high-cost queries, then publishes a weekly optimization digest to the data engineering Teams channel.
naftiko: '0.5'
info:
label: Snowflake Query Performance Digest
description: Queries Snowflake query history to surface long-running and high-cost queries, then publishes a weekly optimization digest to the data engineering Teams channel.
tags:
- data
- analytics
- snowflake
- microsoft-teams
- performance
capability:
exposes:
- type: mcp
namespace: data-performance
port: 8080
tools:
- name: digest-query-performance
description: Fetch the top 20 longest-running Snowflake queries from the past 7 days and post an optimization digest to the data engineering Teams channel.
inputParameters:
- name: channel_id
in: body
type: string
description: Microsoft Teams channel ID for the data engineering team.
steps:
- name: get-slow-queries
type: call
call: snowflake.get-query-history
with:
limit: 20
- name: post-digest
type: call
call: msteams.post-performance-digest
with:
channel_id: '{{channel_id}}'
message: 'Weekly Snowflake query digest: {{get-slow-queries.total_compute_credits}} credits consumed by top 20 queries. Review and optimize.'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: query-history
path: /queries/history
operations:
- name: get-query-history
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-performance-digest
method: POST
Queries Snowflake to return the current row count for a specified table in the analytics warehouse.
naftiko: '0.5'
info:
label: Snowflake Table Row Count Lookup
description: Queries Snowflake to return the current row count for a specified table in the analytics warehouse.
tags:
- data-engineering
- snowflake
- analytics
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: get-table-row-count
description: Execute a count query against a Snowflake table and return the row count.
inputParameters:
- name: table_name
in: body
type: string
description: Fully qualified Snowflake table name (e.g., DB.SCHEMA.TABLE).
call: snowflake.execute-query
with:
statement: SELECT COUNT(*) as row_count FROM {{table_name}}
outputParameters:
- name: row_count
type: number
mapping: $.data[0][0]
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
Generates a weekly engineering standup digest by pulling sprint progress from Jira, build health from GitHub Actions, and service metrics from Datadog, then posts to Teams.
naftiko: '0.5'
info:
label: Weekly Engineering Standup Digest Orchestrator
description: Generates a weekly engineering standup digest by pulling sprint progress from Jira, build health from GitHub Actions, and service metrics from Datadog, then posts to Teams.
tags:
- agile
- jira
- github
- datadog
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: engineering-ops
port: 8080
tools:
- name: generate-standup-digest
description: Orchestrate weekly standup digest across Jira, GitHub, Datadog, and Teams.
inputParameters:
- name: sprint_id
in: body
type: string
description: The Jira sprint ID.
- name: team_name
in: body
type: string
description: The engineering team name.
steps:
- name: get-sprint-progress
type: call
call: jira.get-sprint
with:
sprint_id: '{{sprint_id}}'
- name: get-build-health
type: call
call: github.get-workflow-runs
with:
org: qualcomm
per_page: 20
- name: get-service-health
type: call
call: datadog.get-slo-summary
with:
tag: team:{{team_name}}
- name: post-digest
type: call
call: msteams.send-message
with:
channel: '{{team_name}}-standup'
message: 'Weekly Digest: Sprint {{get-sprint-progress.name}} - {{get-sprint-progress.completedIssuesCount}}/{{get-sprint-progress.issuesCount}} done. Build success rate: {{get-build-health.success_rate}}%. SLO compliance: {{get-service-health.compliance}}%.'
consumes:
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/agile/1.0
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: sprints
path: /sprint/{{sprint_id}}
inputParameters:
- name: sprint_id
in: path
operations:
- name: get-sprint
method: GET
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /orgs/{{org}}/actions/runs
inputParameters:
- name: org
in: path
operations:
- name: get-workflow-runs
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
headerName: DD-API-KEY
resources:
- name: slos
path: /slo
operations:
- name: get-slo-summary
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/{{team_name}}-standup/channels/general/messages
operations:
- name: send-message
method: POST
Queries Azure Cost Management for the month-to-date spend of a specified resource group.
naftiko: '0.5'
info:
label: Azure Resource Group Cost Lookup
description: Queries Azure Cost Management for the month-to-date spend of a specified resource group.
tags:
- cloud
- microsoft-azure
- finops
capability:
exposes:
- type: mcp
namespace: cloud-cost
port: 8080
tools:
- name: get-resource-group-cost
description: Retrieve month-to-date cost for an Azure resource group.
inputParameters:
- name: resource_group
in: body
type: string
description: The Azure resource group name.
call: azure.get-cost-summary
with:
resource_group: '{{resource_group}}'
outputParameters:
- name: mtd_cost
type: number
mapping: $.properties.rows[0][0]
- name: currency
type: string
mapping: $.properties.columns[0].name
consumes:
- type: http
namespace: azure
baseUri: https://management.azure.com
authentication:
type: bearer
token: $secrets.azure_token
resources:
- name: cost-management
path: /subscriptions/{{subscription_id}}/resourceGroups/{{resource_group}}/providers/Microsoft.CostManagement/query
inputParameters:
- name: resource_group
in: path
operations:
- name: get-cost-summary
method: POST
Retrieves current stock levels for a specified material number from SAP S/4HANA inventory management.
naftiko: '0.5'
info:
label: SAP Inventory Stock Level Lookup
description: Retrieves current stock levels for a specified material number from SAP S/4HANA inventory management.
tags:
- supply-chain
- sap
- inventory
capability:
exposes:
- type: mcp
namespace: inventory
port: 8080
tools:
- name: get-stock-level
description: Look up current stock levels for a material in SAP S/4HANA. Returns available quantity, reserved quantity, and storage location.
inputParameters:
- name: material_number
in: body
type: string
description: The SAP material number to check stock for.
call: sap.get-material-stock
with:
material_number: '{{material_number}}'
outputParameters:
- name: available_qty
type: string
mapping: $.d.AvailableQuantity
- name: reserved_qty
type: string
mapping: $.d.ReservedQuantity
- name: storage_location
type: string
mapping: $.d.StorageLocation
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: material-stock
path: /A_MatlStkInAcctMod(Material='{{material_number}}')
inputParameters:
- name: material_number
in: path
operations:
- name: get-material-stock
method: GET
Retrieves recent messages from a specified Microsoft Teams channel.
naftiko: '0.5'
info:
label: Microsoft Teams Channel Message Lookup
description: Retrieves recent messages from a specified Microsoft Teams channel.
tags:
- collaboration
- microsoft-teams
- messaging
capability:
exposes:
- type: mcp
namespace: messaging
port: 8080
tools:
- name: get-channel-messages
description: Retrieve the last 10 messages from a Microsoft Teams channel.
inputParameters:
- name: team_id
in: body
type: string
description: The Microsoft Teams team ID.
- name: channel_id
in: body
type: string
description: The Microsoft Teams channel ID.
call: msteams.get-messages
with:
team_id: '{{team_id}}'
channel_id: '{{channel_id}}'
outputParameters:
- name: messages
type: array
mapping: $.value[*].body.content
consumes:
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages?$top=10
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: get-messages
method: GET
When a GitHub Actions CI pipeline fails on a protected branch, creates a Jira bug, posts a Datadog deployment event, and alerts the engineering team in Microsoft Teams.
naftiko: '0.5'
info:
label: GitHub Pull Request CI/CD Failure Handler
description: When a GitHub Actions CI pipeline fails on a protected branch, creates a Jira bug, posts a Datadog deployment event, and alerts the engineering team in Microsoft Teams.
tags:
- devops
- cicd
- github
- jira
- datadog
- microsoft-teams
- incident-response
capability:
exposes:
- type: mcp
namespace: devops-ops
port: 8080
tools:
- name: handle-pipeline-failure
description: Given a GitHub Actions pipeline failure event, create a Jira bug with full context, record a Datadog deployment failure event, and alert the engineering Teams channel.
inputParameters:
- name: repository
in: body
type: string
description: The GitHub repository name in owner/repo format.
- name: branch
in: body
type: string
description: The branch name where the pipeline failed.
- name: run_id
in: body
type: string
description: The GitHub Actions run ID for the failed pipeline.
- name: commit_sha
in: body
type: string
description: The commit SHA that triggered the pipeline.
steps:
- name: get-run
type: call
call: github.get-workflow-run
with:
repository: '{{repository}}'
run_id: '{{run_id}}'
- name: create-bug
type: call
call: jira.create-issue
with:
project_key: ENG
issuetype: Bug
summary: '[CI Failure] {{repository}} / {{branch}}'
description: 'Run ID: {{run_id}}
Commit: {{commit_sha}}
URL: {{get-run.html_url}}'
- name: record-event
type: call
call: datadog.create-event
with:
title: 'CI failure: {{repository}} {{branch}}'
text: 'Commit {{commit_sha}} caused pipeline failure. Jira: {{create-bug.key}}'
alert_type: error
- name: alert-team
type: call
call: msteams.post-message
with:
channel_id: engineering-alerts
message: 'CI Failure in {{repository}} on {{branch}}. Jira: {{create-bug.key}}. Run: {{get-run.html_url}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /repos/{{repository}}/actions/runs/{{run_id}}
inputParameters:
- name: repository
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-message
method: POST
Queries Datadog APM for the p95 latency of a specified service over the last hour.
naftiko: '0.5'
info:
label: Datadog APM Service Latency Lookup
description: Queries Datadog APM for the p95 latency of a specified service over the last hour.
tags:
- observability
- datadog
- apm
capability:
exposes:
- type: mcp
namespace: monitoring
port: 8080
tools:
- name: get-service-latency
description: Retrieve p95 latency metrics for a service from Datadog APM over the last hour.
inputParameters:
- name: service_name
in: body
type: string
description: The Datadog service name to query.
call: datadog.query-metrics
with:
query: trace.http.request.duration.by.service.95p{service:{{service_name}}}
outputParameters:
- name: p95_latency_ms
type: number
mapping: $.series[0].pointlist[-1][1]
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
headerName: DD-API-KEY
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
Updates customer health scores by pulling usage data from Snowflake, support case history from Salesforce, and updating the customer success dashboard in Power BI.
naftiko: '0.5'
info:
label: Customer Health Score Update Orchestrator
description: Updates customer health scores by pulling usage data from Snowflake, support case history from Salesforce, and updating the customer success dashboard in Power BI.
tags:
- sales
- snowflake
- salesforce
- power-bi
capability:
exposes:
- type: mcp
namespace: customer-success
port: 8080
tools:
- name: update-health-scores
description: Orchestrate customer health score updates across Snowflake, Salesforce, and Power BI.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account ID.
steps:
- name: get-usage-data
type: call
call: snowflake.execute-query
with:
statement: SELECT avg_daily_active_users, feature_adoption_pct, api_call_volume FROM customer_usage WHERE account_id = '{{account_id}}'
- name: get-support-history
type: call
call: salesforce.query
with:
soql: SELECT COUNT(Id) case_count, AVG(CSAT_Score__c) avg_csat FROM Case WHERE AccountId = '{{account_id}}' AND CreatedDate = LAST_90_DAYS
- name: refresh-dashboard
type: call
call: powerbi.trigger-refresh
with:
dataset_id: customer-health-dataset
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: query
path: /query
operations:
- name: query
method: GET
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: refreshes
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Searches LinkedIn for candidates matching a job requisition, imports matches into Workday Recruiting, and schedules a Teams interview for top candidates.
naftiko: '0.5'
info:
label: LinkedIn Talent Sourcing Pipeline
description: Searches LinkedIn for candidates matching a job requisition, imports matches into Workday Recruiting, and schedules a Teams interview for top candidates.
tags:
- hr
- recruiting
- linkedin
- workday
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: talent-acquisition
port: 8080
tools:
- name: source-candidates
description: Given a Workday job requisition ID, search LinkedIn for matching candidates, create candidate profiles in Workday Recruiting, and notify the recruiter in Teams.
inputParameters:
- name: requisition_id
in: body
type: string
description: The Workday job requisition ID.
- name: recruiter_email
in: body
type: string
description: Email of the recruiter to notify.
steps:
- name: get-requisition
type: call
call: workday.get-job-requisition
with:
requisition_id: '{{requisition_id}}'
- name: search-candidates
type: call
call: linkedin.search-people
with:
keywords: '{{get-requisition.title}}'
location: '{{get-requisition.location}}'
- name: notify-recruiter
type: call
call: msteams.send-recruiter-message
with:
recipient: '{{recruiter_email}}'
message: 'Found {{search-candidates.count}} LinkedIn candidates for requisition {{requisition_id}}: {{get-requisition.title}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: job-requisitions
path: /qualcomm/jobRequisitions/{{requisition_id}}
inputParameters:
- name: requisition_id
in: path
operations:
- name: get-job-requisition
method: GET
- type: http
namespace: linkedin
baseUri: https://api.linkedin.com/v2
authentication:
type: bearer
token: $secrets.linkedin_token
resources:
- name: people-search
path: /people
operations:
- name: search-people
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-recruiter-message
method: POST
When a chip tapeout milestone approaches, pulls design rule check status from the EDA tool, verifies sign-off in Jira, and posts a readiness summary to the engineering Teams channel.
naftiko: '0.5'
info:
label: Chip Design Tapeout Readiness Orchestrator
description: When a chip tapeout milestone approaches, pulls design rule check status from the EDA tool, verifies sign-off in Jira, and posts a readiness summary to the engineering Teams channel.
tags:
- chip-design
- manufacturing
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: chip-engineering
port: 8080
tools:
- name: check-tapeout-readiness
description: Orchestrate tapeout readiness by checking DRC status, Jira sign-off, and posting summary to Teams.
inputParameters:
- name: design_id
in: body
type: string
description: The chip design project identifier.
- name: jira_epic_key
in: body
type: string
description: The Jira epic tracking tapeout sign-off tasks.
steps:
- name: get-drc-status
type: call
call: snowflake.execute-query
with:
statement: SELECT design_id, drc_clean, lvs_clean, erc_clean FROM chip_signoff WHERE design_id = '{{design_id}}'
- name: get-signoff-tasks
type: call
call: jira.search-issues
with:
jql: epic = {{jira_epic_key}} AND status != Done
- name: post-readiness-summary
type: call
call: msteams.send-message
with:
channel: chip-engineering
message: 'Tapeout Readiness for {{design_id}}: DRC Clean={{get-drc-status.drc_clean}}, Open sign-off tasks={{get-signoff-tasks.total}}.'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: search
path: /search
operations:
- name: search-issues
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/chip-engineering/channels/general/messages
operations:
- name: send-message
method: POST
When a Datadog monitor alert fires, automatically creates a ServiceNow P2 incident with alert metadata and assigns it to the on-call team.
naftiko: '0.5'
info:
label: Datadog Alert to ServiceNow Incident Bridge
description: When a Datadog monitor alert fires, automatically creates a ServiceNow P2 incident with alert metadata and assigns it to the on-call team.
tags:
- observability
- monitoring
- datadog
- servicenow
- incident-response
capability:
exposes:
- type: mcp
namespace: alert-bridge
port: 8080
tools:
- name: bridge-alert-to-incident
description: Given a Datadog monitor ID and alert event, create a ServiceNow incident pre-populated with alert severity, monitor name, and Datadog event URL.
inputParameters:
- name: monitor_id
in: body
type: string
description: The Datadog monitor ID that triggered the alert.
- name: alert_severity
in: body
type: string
description: 'Severity of the alert: critical, warning, or no_data.'
steps:
- name: get-monitor
type: call
call: datadog.get-monitor
with:
monitor_id: '{{monitor_id}}'
- name: create-incident
type: call
call: servicenow.create-from-alert
with:
short_description: 'Datadog alert: {{get-monitor.name}}'
description: 'Monitor: {{get-monitor.name}}
Severity: {{alert_severity}}
Query: {{get-monitor.query}}'
urgency: '2'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: monitors
path: /monitor/{{monitor_id}}
inputParameters:
- name: monitor_id
in: path
operations:
- name: get-monitor
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-from-alert
method: POST
When a suspicious login is detected in Okta, suspends the user session, creates a ServiceNow security incident, and alerts the SOC team via Teams.
naftiko: '0.5'
info:
label: Okta Suspicious Login Response Orchestrator
description: When a suspicious login is detected in Okta, suspends the user session, creates a ServiceNow security incident, and alerts the SOC team via Teams.
tags:
- security
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: soc
port: 8080
tools:
- name: respond-to-suspicious-login
description: Orchestrate suspicious login response across Okta, ServiceNow, and Teams.
inputParameters:
- name: user_email
in: body
type: string
description: The email of the user with suspicious login.
- name: login_details
in: body
type: string
description: Details of the suspicious login event.
steps:
- name: suspend-session
type: call
call: okta.clear-user-sessions
with:
user_id: '{{user_email}}'
- name: create-security-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Suspicious login: {{user_email}}'
category: security
priority: '1'
description: '{{login_details}}'
- name: alert-soc
type: call
call: msteams.send-message
with:
channel: soc-alerts
message: 'Suspicious login detected for {{user_email}}. Session cleared. Incident: {{create-security-incident.number}}. Details: {{login_details}}.'
consumes:
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: bearer
token: $secrets.okta_token
resources:
- name: user-sessions
path: /users/{{user_id}}/sessions
inputParameters:
- name: user_id
in: path
operations:
- name: clear-user-sessions
method: DELETE
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/soc-alerts/channels/general/messages
operations:
- name: send-message
method: POST
Consolidates quarterly revenue forecasts by pulling pipeline data from Salesforce, financial actuals from SAP, and publishing a consolidated view to Power BI.
naftiko: '0.5'
info:
label: Quarterly Revenue Forecast Consolidation
description: Consolidates quarterly revenue forecasts by pulling pipeline data from Salesforce, financial actuals from SAP, and publishing a consolidated view to Power BI.
tags:
- finance
- salesforce
- sap
- power-bi
capability:
exposes:
- type: mcp
namespace: finance
port: 8080
tools:
- name: consolidate-revenue-forecast
description: Orchestrate quarterly revenue forecast consolidation across Salesforce, SAP, and Power BI.
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: The fiscal quarter (e.g., Q3FY26).
steps:
- name: get-pipeline-data
type: call
call: salesforce.query
with:
soql: SELECT SUM(Amount) total_pipeline FROM Opportunity WHERE FiscalQuarter = '{{fiscal_quarter}}' AND IsClosed = false
- name: get-actuals
type: call
call: sap.get-financial-actuals
with:
fiscal_period: '{{fiscal_quarter}}'
- name: refresh-dashboard
type: call
call: powerbi.trigger-refresh
with:
dataset_id: revenue-forecast-dataset
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: query
path: /query
operations:
- name: query
method: GET
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_FINANCIAL_ACTUALS_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: actuals
path: /A_FinancialActuals?$filter=FiscalPeriod eq '{{fiscal_period}}'
inputParameters:
- name: fiscal_period
in: query
operations:
- name: get-financial-actuals
method: GET
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: refreshes
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
When a new design win is registered, creates a Salesforce opportunity, provisions a support ticket in ServiceNow, and notifies the product management team via Teams.
naftiko: '0.5'
info:
label: OEM Customer Design Win Orchestrator
description: When a new design win is registered, creates a Salesforce opportunity, provisions a support ticket in ServiceNow, and notifies the product management team via Teams.
tags:
- sales
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: design-wins
port: 8080
tools:
- name: register-design-win
description: Orchestrate design win registration across Salesforce, ServiceNow, and Teams.
inputParameters:
- name: customer_name
in: body
type: string
description: The OEM customer name.
- name: chipset
in: body
type: string
description: The Qualcomm chipset selected.
- name: estimated_volume
in: body
type: number
description: Estimated annual unit volume.
steps:
- name: create-opportunity
type: call
call: salesforce.create-opportunity
with:
name: 'Design Win: {{customer_name}} - {{chipset}}'
stage: Design Win
amount: '{{estimated_volume}}'
- name: create-support-engagement
type: call
call: servicenow.create-incident
with:
short_description: 'Design Win Support: {{customer_name}} - {{chipset}}'
category: customer_engineering
priority: '2'
- name: notify-product-team
type: call
call: msteams.send-message
with:
channel: product-management
message: 'New Design Win: {{customer_name}} selected {{chipset}}. Volume: {{estimated_volume}} units. SF: {{create-opportunity.id}}, SN: {{create-support-engagement.number}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /sobjects/Opportunity
operations:
- name: create-opportunity
method: POST
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/product-management/channels/general/messages
operations:
- name: send-message
method: POST
Orchestrates a firmware release for Qualcomm 5G modem chipsets by verifying CI/CD pipeline status in GitHub Actions, creating a Jira release ticket, and publishing release notes to Confluence.
naftiko: '0.5'
info:
label: 5G Modem Firmware Release Orchestrator
description: Orchestrates a firmware release for Qualcomm 5G modem chipsets by verifying CI/CD pipeline status in GitHub Actions, creating a Jira release ticket, and publishing release notes to Confluence.
tags:
- chip-design
- product-lifecycle
- github
- jira
- confluence
capability:
exposes:
- type: mcp
namespace: firmware-release
port: 8080
tools:
- name: orchestrate-firmware-release
description: Orchestrate 5G modem firmware release across GitHub, Jira, and Confluence.
inputParameters:
- name: repo_name
in: body
type: string
description: The firmware GitHub repository name.
- name: release_version
in: body
type: string
description: The firmware release version tag.
steps:
- name: check-pipeline
type: call
call: github.get-workflow-run
with:
repo: '{{repo_name}}'
branch: release/{{release_version}}
- name: create-release-ticket
type: call
call: jira.create-issue
with:
project: 5GMODEM
summary: Firmware Release {{release_version}}
issue_type: Task
description: 'Pipeline status: {{check-pipeline.conclusion}}'
- name: publish-release-notes
type: call
call: confluence.create-page
with:
space: 5GFW
title: Release Notes - {{release_version}}
body: 'Firmware {{release_version}} released. CI status: {{check-pipeline.conclusion}}. Tracking: {{create-release-ticket.key}}.'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /repos/{{repo}}/actions/runs?branch={{branch}}&per_page=1
inputParameters:
- name: repo
in: path
- name: branch
in: query
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: confluence
baseUri: https://qualcomm.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /content
operations:
- name: create-page
method: POST
Collects audit evidence by extracting access logs from Okta, change records from ServiceNow, and financial controls from SAP, then publishes a consolidated report to Confluence.
naftiko: '0.5'
info:
label: Compliance Audit Evidence Collection Orchestrator
description: Collects audit evidence by extracting access logs from Okta, change records from ServiceNow, and financial controls from SAP, then publishes a consolidated report to Confluence.
tags:
- compliance
- okta
- servicenow
- sap
- confluence
capability:
exposes:
- type: mcp
namespace: compliance
port: 8080
tools:
- name: collect-audit-evidence
description: Orchestrate audit evidence collection across Okta, ServiceNow, SAP, and Confluence.
inputParameters:
- name: audit_period
in: body
type: string
description: The audit period (e.g., 2026-Q1).
- name: control_id
in: body
type: string
description: The SOX control identifier.
steps:
- name: get-access-logs
type: call
call: okta.get-system-logs
with:
since: '{{audit_period}}'
filter: eventType eq 'user.session.start'
- name: get-change-records
type: call
call: servicenow.search-change-requests
with:
period: '{{audit_period}}'
- name: get-financial-controls
type: call
call: sap.get-audit-trail
with:
period: '{{audit_period}}'
control_id: '{{control_id}}'
- name: publish-report
type: call
call: confluence.create-page
with:
space: COMPLIANCE
title: Audit Evidence - {{control_id}} - {{audit_period}}
body: 'Access events: {{get-access-logs.count}}, Change records: {{get-change-records.count}}, Financial controls validated: {{get-financial-controls.status}}.'
consumes:
- type: http
namespace: okta
baseUri: https://qualcomm.okta.com/api/v1
authentication:
type: bearer
token: $secrets.okta_token
resources:
- name: system-logs
path: /logs
operations:
- name: get-system-logs
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: search-change-requests
method: GET
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_AUDIT_TRAIL_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: audit-trail
path: /A_AuditTrail
operations:
- name: get-audit-trail
method: GET
- type: http
namespace: confluence
baseUri: https://qualcomm.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /content
operations:
- name: create-page
method: POST
When a compensation change is approved in Workday, syncs the update to SAP payroll, updates the budget in Snowflake, and notifies HR via Teams.
naftiko: '0.5'
info:
label: Workday Compensation Change Propagation
description: When a compensation change is approved in Workday, syncs the update to SAP payroll, updates the budget in Snowflake, and notifies HR via Teams.
tags:
- hr
- workday
- sap
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-comp
port: 8080
tools:
- name: propagate-comp-change
description: Orchestrate compensation change propagation across Workday, SAP, Snowflake, and Teams.
inputParameters:
- name: worker_id
in: body
type: string
description: The Workday worker ID.
steps:
- name: get-comp-change
type: call
call: workday.get-compensation-change
with:
worker_id: '{{worker_id}}'
- name: sync-payroll
type: call
call: sap.update-payroll-record
with:
employee_id: '{{worker_id}}'
new_salary: '{{get-comp-change.new_amount}}'
- name: update-budget
type: call
call: snowflake.execute-query
with:
statement: UPDATE hr_budget SET allocated_salary = {{get-comp-change.new_amount}} WHERE worker_id = '{{worker_id}}'
- name: notify-hr
type: call
call: msteams.send-message
with:
channel: hr-operations
message: 'Compensation change processed for worker {{worker_id}}. New amount: {{get-comp-change.new_amount}}. Payroll and budget updated.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: compensation
path: /qualcomm/workers/{{worker_id}}/compensationHistory
inputParameters:
- name: worker_id
in: path
operations:
- name: get-compensation-change
method: GET
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_PAYROLL_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: payroll
path: /A_PayrollRecord
operations:
- name: update-payroll-record
method: PATCH
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/hr-operations/channels/general/messages
operations:
- name: send-message
method: POST
When Datadog detects high CPU utilization on an AKS cluster, scales the node pool, creates a ServiceNow change request, and posts a notification to the SRE Teams channel.
naftiko: '0.5'
info:
label: Azure Kubernetes Cluster Scaling Orchestrator
description: When Datadog detects high CPU utilization on an AKS cluster, scales the node pool, creates a ServiceNow change request, and posts a notification to the SRE Teams channel.
tags:
- cloud
- microsoft-azure
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: cloud-ops
port: 8080
tools:
- name: scale-aks-cluster
description: Orchestrate AKS cluster scaling with Datadog monitoring, ServiceNow change management, and Teams notification.
inputParameters:
- name: cluster_name
in: body
type: string
description: The AKS cluster name.
- name: target_node_count
in: body
type: number
description: The target number of nodes.
steps:
- name: get-current-metrics
type: call
call: datadog.query-metrics
with:
query: avg:kubernetes.cpu.usage.total{kube_cluster_name:{{cluster_name}}}
- name: create-change-request
type: call
call: servicenow.create-change-request
with:
short_description: Scale AKS cluster {{cluster_name}} to {{target_node_count}} nodes
category: infrastructure
risk: moderate
- name: notify-sre
type: call
call: msteams.send-message
with:
channel: sre-operations
message: 'AKS Scaling: {{cluster_name}} scaling to {{target_node_count}} nodes. CPU util: {{get-current-metrics.p95_cpu}}%. CR: {{create-change-request.number}}.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
headerName: DD-API-KEY
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/sre-operations/channels/general/messages
operations:
- name: send-message
method: POST
Orchestrates contract execution by sending the document for signature via DocuSign, updating the Salesforce opportunity stage, and notifying legal via Teams.
naftiko: '0.5'
info:
label: DocuSign Contract Execution Orchestrator
description: Orchestrates contract execution by sending the document for signature via DocuSign, updating the Salesforce opportunity stage, and notifying legal via Teams.
tags:
- sales
- contract-management
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: contract-execution
port: 8080
tools:
- name: execute-contract
description: Orchestrate contract execution across DocuSign, Salesforce, and Teams.
inputParameters:
- name: opportunity_id
in: body
type: string
description: The Salesforce opportunity ID.
- name: signer_email
in: body
type: string
description: The signer's email address.
steps:
- name: get-opportunity
type: call
call: salesforce.get-opportunity
with:
opportunity_id: '{{opportunity_id}}'
- name: send-for-signature
type: call
call: docusign.create-envelope
with:
subject: 'Contract: {{get-opportunity.Name}}'
signer_email: '{{signer_email}}'
- name: update-opportunity
type: call
call: salesforce.update-opportunity
with:
opportunity_id: '{{opportunity_id}}'
stage: Contract Sent
- name: notify-legal
type: call
call: msteams.send-message
with:
channel: legal-contracts
message: 'Contract sent for signature: {{get-opportunity.Name}}. DocuSign envelope: {{send-for-signature.envelopeId}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /sobjects/Opportunity/{{opportunity_id}}
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- name: update-opportunity
method: PATCH
- type: http
namespace: docusign
baseUri: https://na4.docusign.net/restapi/v2.1
authentication:
type: bearer
token: $secrets.docusign_token
resources:
- name: envelopes
path: /accounts/{{account_id}}/envelopes
operations:
- name: create-envelope
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/legal-contracts/channels/general/messages
operations:
- name: send-message
method: POST
Queries Palo Alto Networks firewall threat logs for a specified source IP over the last 24 hours.
naftiko: '0.5'
info:
label: Palo Alto Networks Threat Log Lookup
description: Queries Palo Alto Networks firewall threat logs for a specified source IP over the last 24 hours.
tags:
- security
- palo-alto-networks
- threat-detection
capability:
exposes:
- type: mcp
namespace: security
port: 8080
tools:
- name: get-threat-logs
description: Retrieve threat log entries from Palo Alto Networks for a given source IP in the last 24 hours.
inputParameters:
- name: source_ip
in: body
type: string
description: The source IP address to query threat logs for.
call: paloalto.query-threat-logs
with:
source_ip: '{{source_ip}}'
outputParameters:
- name: threat_count
type: number
mapping: $.result.log.logs.@count
- name: entries
type: array
mapping: $.result.log.logs.entry
consumes:
- type: http
namespace: paloalto
baseUri: https://qualcomm-fw.panw.com/api
authentication:
type: apiKey
key: $secrets.paloalto_api_key
headerName: X-PAN-KEY
resources:
- name: threat-logs
path: /log?type=threat&query=(addr.src in {{source_ip}})
inputParameters:
- name: source_ip
in: query
operations:
- name: query-threat-logs
method: GET
When a new lead is created in Salesforce, enriches it with firmographic data and assigns it to the appropriate sales rep based on territory rules.
naftiko: '0.5'
info:
label: Salesforce Lead Enrichment and Assignment
description: When a new lead is created in Salesforce, enriches it with firmographic data and assigns it to the appropriate sales rep based on territory rules.
tags:
- crm
- sales
- salesforce
- lead-management
capability:
exposes:
- type: mcp
namespace: crm-leads
port: 8080
tools:
- name: enrich-and-assign-lead
description: Given a Salesforce lead ID, retrieve lead details, update the record with enriched company data, and assign it to the correct sales territory owner.
inputParameters:
- name: lead_id
in: body
type: string
description: The Salesforce lead record ID.
steps:
- name: get-lead
type: call
call: salesforce-lookup.get-lead
with:
lead_id: '{{lead_id}}'
- name: update-lead
type: call
call: salesforce-update.update-lead
with:
lead_id: '{{lead_id}}'
industry: '{{get-lead.industry}}'
annual_revenue: '{{get-lead.annual_revenue}}'
employee_count: '{{get-lead.number_of_employees}}'
consumes:
- type: http
namespace: salesforce-lookup
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead/{{lead_id}}
inputParameters:
- name: lead_id
in: path
operations:
- name: get-lead
method: GET
- type: http
namespace: salesforce-update
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead/{{lead_id}}
inputParameters:
- name: lead_id
in: path
operations:
- name: update-lead
method: PATCH
Manages database schema changes by reviewing the migration in GitHub, creating a ServiceNow change request, and notifying the DBA team via Teams for approval.
naftiko: '0.5'
info:
label: Database Schema Change Approval Orchestrator
description: Manages database schema changes by reviewing the migration in GitHub, creating a ServiceNow change request, and notifying the DBA team via Teams for approval.
tags:
- data-engineering
- github
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: dba-ops
port: 8080
tools:
- name: process-schema-change
description: Orchestrate database schema change approval across GitHub, ServiceNow, and Teams.
inputParameters:
- name: repo_name
in: body
type: string
description: The repository containing the migration.
- name: pr_number
in: body
type: number
description: The pull request number with the schema change.
steps:
- name: get-pr-details
type: call
call: github.get-pull-request
with:
repo: '{{repo_name}}'
pr_number: '{{pr_number}}'
- name: create-change-request
type: call
call: servicenow.create-change-request
with:
short_description: 'DB Schema Change: {{get-pr-details.title}}'
category: database
description: 'PR: {{get-pr-details.html_url}}'
- name: notify-dba
type: call
call: msteams.send-message
with:
channel: dba-team
message: 'Schema change approval needed: {{get-pr-details.title}}. PR: {{get-pr-details.html_url}}. CR: {{create-change-request.number}}.'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: pull-requests
path: /repos/{{repo}}/pulls/{{pr_number}}
inputParameters:
- name: repo
in: path
- name: pr_number
in: path
operations:
- name: get-pull-request
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/dba-team/channels/general/messages
operations:
- name: send-message
method: POST
Identifies cloud cost savings by querying Azure cost anomalies, correlating with Datadog utilization metrics, and creating optimization recommendations in Jira.
naftiko: '0.5'
info:
label: Cloud Infrastructure Cost Optimization Orchestrator
description: Identifies cloud cost savings by querying Azure cost anomalies, correlating with Datadog utilization metrics, and creating optimization recommendations in Jira.
tags:
- finops
- microsoft-azure
- datadog
- jira
capability:
exposes:
- type: mcp
namespace: finops
port: 8080
tools:
- name: run-cost-optimization
description: Orchestrate cloud cost optimization across Azure, Datadog, and Jira.
inputParameters:
- name: subscription_id
in: body
type: string
description: The Azure subscription ID to analyze.
steps:
- name: get-cost-anomalies
type: call
call: azure.get-cost-anomalies
with:
subscription_id: '{{subscription_id}}'
- name: get-utilization
type: call
call: datadog.query-metrics
with:
query: avg:azure.vm.cpu_usage{subscription_id:{{subscription_id}}} by {resource_group}
- name: create-optimization-ticket
type: call
call: jira.create-issue
with:
project: FINOPS
summary: 'Cloud Cost Optimization: {{subscription_id}}'
issue_type: Task
description: 'Anomalies found: {{get-cost-anomalies.count}}. Low utilization resources identified.'
consumes:
- type: http
namespace: azure
baseUri: https://management.azure.com
authentication:
type: bearer
token: $secrets.azure_token
resources:
- name: cost-anomalies
path: /subscriptions/{{subscription_id}}/providers/Microsoft.CostManagement/alerts
inputParameters:
- name: subscription_id
in: path
operations:
- name: get-cost-anomalies
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
headerName: DD-API-KEY
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
Retrieves details for a Jira issue including status, assignee, priority, and story points.
naftiko: '0.5'
info:
label: Jira Issue Details Lookup
description: Retrieves details for a Jira issue including status, assignee, priority, and story points.
tags:
- project-management
- jira
- agile
capability:
exposes:
- type: mcp
namespace: project-mgmt
port: 8080
tools:
- name: get-issue-details
description: Look up a Jira issue by key and return its status, assignee, priority, and story points.
inputParameters:
- name: issue_key
in: body
type: string
description: The Jira issue key (e.g., CHIP-1234).
call: jira.get-issue
with:
issue_key: '{{issue_key}}'
outputParameters:
- name: status
type: string
mapping: $.fields.status.name
- name: assignee
type: string
mapping: $.fields.assignee.displayName
- name: priority
type: string
mapping: $.fields.priority.name
- name: story_points
type: number
mapping: $.fields.customfield_10028
consumes:
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue/{{issue_key}}
inputParameters:
- name: issue_key
in: path
operations:
- name: get-issue
method: GET
Prepares executive business review materials by pulling revenue data from SAP, pipeline metrics from Salesforce, and refreshing the Power BI executive dashboard.
naftiko: '0.5'
info:
label: Executive Business Review Deck Orchestrator
description: Prepares executive business review materials by pulling revenue data from SAP, pipeline metrics from Salesforce, and refreshing the Power BI executive dashboard.
tags:
- finance
- sap
- salesforce
- power-bi
capability:
exposes:
- type: mcp
namespace: exec-reporting
port: 8080
tools:
- name: prepare-ebr-materials
description: Orchestrate executive business review preparation across SAP, Salesforce, and Power BI.
inputParameters:
- name: fiscal_quarter
in: body
type: string
description: The fiscal quarter for the review.
steps:
- name: get-revenue-data
type: call
call: sap.get-financial-actuals
with:
fiscal_period: '{{fiscal_quarter}}'
- name: get-pipeline-metrics
type: call
call: salesforce.query
with:
soql: SELECT StageName, SUM(Amount) amt, COUNT(Id) cnt FROM Opportunity WHERE FiscalQuarter = '{{fiscal_quarter}}' GROUP BY StageName
- name: refresh-exec-dashboard
type: call
call: powerbi.trigger-refresh
with:
dataset_id: executive-dashboard
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_FINANCIAL_ACTUALS_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: actuals
path: /A_FinancialActuals?$filter=FiscalPeriod eq '{{fiscal_period}}'
inputParameters:
- name: fiscal_period
in: query
operations:
- name: get-financial-actuals
method: GET
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: query
path: /query
operations:
- name: query
method: GET
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: refreshes
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Polls Datadog for service health metrics and SLO status across Qualcomm's chip platform APIs, and opens a ServiceNow incident when thresholds are breached.
naftiko: '0.5'
info:
label: Datadog Service Health Monitor
description: Polls Datadog for service health metrics and SLO status across Qualcomm's chip platform APIs, and opens a ServiceNow incident when thresholds are breached.
tags:
- observability
- monitoring
- datadog
- servicenow
- incident-response
capability:
exposes:
- type: mcp
namespace: observability
port: 8080
tools:
- name: check-service-health
description: Given a Datadog service name and SLO ID, check current SLO compliance and create a ServiceNow P1 incident if the error budget is exhausted.
inputParameters:
- name: service_name
in: body
type: string
description: The Datadog service name to check.
- name: slo_id
in: body
type: string
description: The Datadog SLO ID to evaluate.
steps:
- name: get-slo-status
type: call
call: datadog.get-slo
with:
slo_id: '{{slo_id}}'
- name: create-incident
type: call
call: servicenow.create-p1-incident
with:
short_description: SLO breach detected for {{service_name}}
description: 'SLO {{slo_id}} compliance: {{get-slo-status.compliance}}. Error budget remaining: {{get-slo-status.error_budget_remaining}}.'
urgency: '1'
impact: '1'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: slos
path: /slo/{{slo_id}}
inputParameters:
- name: slo_id
in: path
operations:
- name: get-slo
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-p1-incident
method: POST
When an RF test failure is recorded, creates a Jira defect, escalates to the on-call engineer via PagerDuty, and posts failure details to the RF engineering Teams channel.
naftiko: '0.5'
info:
label: RF Engineering Test Failure Escalation
description: When an RF test failure is recorded, creates a Jira defect, escalates to the on-call engineer via PagerDuty, and posts failure details to the RF engineering Teams channel.
tags:
- chip-design
- manufacturing
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: rf-engineering
port: 8080
tools:
- name: escalate-rf-test-failure
description: Orchestrate RF test failure escalation across Jira, PagerDuty, and Teams.
inputParameters:
- name: test_id
in: body
type: string
description: The RF test case identifier.
- name: failure_details
in: body
type: string
description: Description of the RF test failure.
steps:
- name: create-defect
type: call
call: jira.create-issue
with:
project: RFENG
summary: 'RF Test Failure: {{test_id}}'
issue_type: Bug
priority: High
description: '{{failure_details}}'
- name: page-oncall
type: call
call: pagerduty.create-incident
with:
service_id: rf-engineering
title: 'RF Test Failure: {{test_id}}'
urgency: high
- name: notify-team
type: call
call: msteams.send-message
with:
channel: rf-engineering
message: 'RF Test Failure {{test_id}}: {{failure_details}}. Jira: {{create-defect.key}}, PagerDuty incident created.'
consumes:
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: bearer
token: $secrets.pagerduty_token
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/rf-engineering/channels/general/messages
operations:
- name: send-message
method: POST
Retrieves the bill of materials for a specified material from SAP S/4HANA, returning component list and quantities.
naftiko: '0.5'
info:
label: SAP Material Bill of Materials Lookup
description: Retrieves the bill of materials for a specified material from SAP S/4HANA, returning component list and quantities.
tags:
- manufacturing
- sap
- product-lifecycle
capability:
exposes:
- type: mcp
namespace: engineering
port: 8080
tools:
- name: get-material-bom
description: Look up the bill of materials for a SAP material number and return component list with quantities.
inputParameters:
- name: material_number
in: body
type: string
description: The SAP material number.
- name: plant
in: body
type: string
description: The SAP plant code.
call: sap.get-bom
with:
material: '{{material_number}}'
plant: '{{plant}}'
outputParameters:
- name: components
type: array
mapping: $.d.results[*].Component
- name: quantities
type: array
mapping: $.d.results[*].ComponentQuantity
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_BILL_OF_MATERIAL_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: bom
path: /MaterialBOMItem?$filter=Material eq '{{material}}' and Plant eq '{{plant}}'
inputParameters:
- name: material
in: query
- name: plant
in: query
operations:
- name: get-bom
method: GET
Tracks a silicon wafer lot through the fabrication process by querying SAP manufacturing execution, checking yield data in Snowflake, and updating the ServiceNow CMDB record.
naftiko: '0.5'
info:
label: Silicon Wafer Lot Tracking Orchestrator
description: Tracks a silicon wafer lot through the fabrication process by querying SAP manufacturing execution, checking yield data in Snowflake, and updating the ServiceNow CMDB record.
tags:
- manufacturing
- supply-chain
- sap
- snowflake
- servicenow
capability:
exposes:
- type: mcp
namespace: fab-ops
port: 8080
tools:
- name: track-wafer-lot
description: Orchestrate wafer lot tracking across SAP MES, Snowflake yield data, and ServiceNow CMDB.
inputParameters:
- name: lot_id
in: body
type: string
description: The silicon wafer lot identifier.
steps:
- name: get-lot-status
type: call
call: sap.get-production-order
with:
lot_id: '{{lot_id}}'
- name: get-yield-data
type: call
call: snowflake.execute-query
with:
statement: SELECT lot_id, wafer_count, pass_count, yield_pct FROM fab_yield WHERE lot_id = '{{lot_id}}'
- name: update-cmdb
type: call
call: servicenow.update-ci
with:
ci_name: LOT-{{lot_id}}
status: '{{get-lot-status.status}}'
yield_pct: '{{get-yield-data.yield_pct}}'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_PRODUCTION_ORDER_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: production-orders
path: /A_ProductionOrder?$filter=ManufacturingOrder eq '{{lot_id}}'
inputParameters:
- name: lot_id
in: query
operations:
- name: get-production-order
method: GET
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: cmdb
path: /table/cmdb_ci
operations:
- name: update-ci
method: PATCH
Generates a weekly digest of unestimated Jira backlog items and items blocked for more than five days, posted to the team's Microsoft Teams channel.
naftiko: '0.5'
info:
label: Jira Backlog Grooming Digest
description: Generates a weekly digest of unestimated Jira backlog items and items blocked for more than five days, posted to the team's Microsoft Teams channel.
tags:
- devops
- engineering
- jira
- microsoft-teams
- backlog-management
capability:
exposes:
- type: mcp
namespace: backlog-ops
port: 8080
tools:
- name: digest-backlog-health
description: Given a Jira project key, fetch unestimated and long-blocked backlog items and post a weekly health digest to the team's Teams channel.
inputParameters:
- name: project_key
in: body
type: string
description: The Jira project key (e.g., CHIP, PLATFORM).
- name: channel_id
in: body
type: string
description: Microsoft Teams channel ID to post the digest to.
steps:
- name: get-unestimated
type: call
call: jira.query-unestimated-backlog
with:
project_key: '{{project_key}}'
- name: post-digest
type: call
call: msteams.post-backlog-digest
with:
channel_id: '{{channel_id}}'
message: 'Backlog digest for {{project_key}}: {{get-unestimated.count}} unestimated issues need attention.'
consumes:
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issue-search
path: /search
operations:
- name: query-unestimated-backlog
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-backlog-digest
method: POST
Fetches current firewall security policy rules from Palo Alto Networks, identifies overly permissive rules, and opens a Jira remediation ticket for each violation.
naftiko: '0.5'
info:
label: Palo Alto Networks Firewall Rule Audit
description: Fetches current firewall security policy rules from Palo Alto Networks, identifies overly permissive rules, and opens a Jira remediation ticket for each violation.
tags:
- security
- network
- palo-alto-networks
- jira
- audit
capability:
exposes:
- type: mcp
namespace: network-security
port: 8080
tools:
- name: audit-firewall-rules
description: Query Palo Alto Networks for all security policy rules, detect any allow-all or overly broad rules, and create a Jira ticket for each violation found.
inputParameters:
- name: device_group
in: body
type: string
description: The Palo Alto Networks device group to audit.
steps:
- name: get-rules
type: call
call: paloalto.get-security-rules
with:
device_group: '{{device_group}}'
- name: create-remediation
type: call
call: jira.create-security-remediation
with:
project_key: SEC
issuetype: Task
summary: Firewall rule audit violations in {{device_group}}
description: Audit found {{get-rules.violation_count}} overly permissive rules in device group {{device_group}}.
consumes:
- type: http
namespace: paloalto
baseUri: https://qualcomm-panorama.paloaltonetworks.com/restapi/v10.1
authentication:
type: apikey
key: X-PAN-KEY
value: $secrets.paloalto_api_key
placement: header
resources:
- name: security-rules
path: /Objects/SecurityRules
operations:
- name: get-security-rules
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-security-remediation
method: POST
Retrieves the current follower count and follower demographics for the Qualcomm LinkedIn company page.
naftiko: '0.5'
info:
label: LinkedIn Company Follower Count Lookup
description: Retrieves the current follower count and follower demographics for the Qualcomm LinkedIn company page.
tags:
- marketing
- linkedin
- social-media
capability:
exposes:
- type: mcp
namespace: social
port: 8080
tools:
- name: get-follower-stats
description: Retrieve follower count and growth statistics for the Qualcomm LinkedIn company page.
inputParameters:
- name: time_range
in: body
type: string
description: Time range for follower growth data (e.g., last_30_days).
call: linkedin.get-follower-statistics
with:
organization_id: qualcomm
outputParameters:
- name: total_followers
type: number
mapping: $.elements[0].followerCounts.organicFollowerCount
- name: paid_followers
type: number
mapping: $.elements[0].followerCounts.paidFollowerCount
consumes:
- type: http
namespace: linkedin
baseUri: https://api.linkedin.com/v2
authentication:
type: bearer
token: $secrets.linkedin_token
resources:
- name: follower-statistics
path: /organizationalEntityFollowerStatistics?q=organizationalEntity&organizationalEntity=urn:li:organization:qualcomm
operations:
- name: get-follower-statistics
method: GET
Queries Snowflake for data pipeline task failures and warehouse credit consumption anomalies, and raises a Jira ticket when thresholds are exceeded.
naftiko: '0.5'
info:
label: Snowflake Data Pipeline Health Check
description: Queries Snowflake for data pipeline task failures and warehouse credit consumption anomalies, and raises a Jira ticket when thresholds are exceeded.
tags:
- data
- analytics
- snowflake
- jira
- monitoring
capability:
exposes:
- type: mcp
namespace: data-ops
port: 8080
tools:
- name: check-pipeline-health
description: Given a Snowflake warehouse name, query task history for failures in the last 24 hours and open a Jira incident if failures are detected.
inputParameters:
- name: warehouse_name
in: body
type: string
description: The Snowflake warehouse name to inspect.
steps:
- name: query-task-history
type: call
call: snowflake.get-task-history
with:
warehouse_name: '{{warehouse_name}}'
- name: raise-incident
type: call
call: jira.create-data-issue
with:
project_key: DATA
issuetype: Incident
summary: Snowflake pipeline failures in {{warehouse_name}}
description: 'Failed tasks detected in warehouse {{warehouse_name}}. Count: {{query-task-history.failure_count}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: task-history
path: /warehouses/{{warehouse_name}}/tasks/history
inputParameters:
- name: warehouse_name
in: path
operations:
- name: get-task-history
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-data-issue
method: POST
Opens a ServiceNow change request for a planned infrastructure or chip platform change, routes it for approval, and notifies stakeholders in Microsoft Teams.
naftiko: '0.5'
info:
label: ServiceNow Change Request Lifecycle
description: Opens a ServiceNow change request for a planned infrastructure or chip platform change, routes it for approval, and notifies stakeholders in Microsoft Teams.
tags:
- itsm
- change-management
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: itsm
port: 8080
tools:
- name: open-change-request
description: Given a change description, risk level, and scheduled window, create a ServiceNow change request and notify the change advisory board in Teams.
inputParameters:
- name: short_description
in: body
type: string
description: Brief description of the proposed change.
- name: risk_level
in: body
type: string
description: 'Risk level: low, medium, or high.'
- name: scheduled_start
in: body
type: string
description: Planned start datetime in ISO 8601 format.
- name: scheduled_end
in: body
type: string
description: Planned end datetime in ISO 8601 format.
steps:
- name: create-change
type: call
call: servicenow.create-change-request
with:
short_description: '{{short_description}}'
risk: '{{risk_level}}'
start_date: '{{scheduled_start}}'
end_date: '{{scheduled_end}}'
- name: notify-cab
type: call
call: msteams.notify-channel
with:
channel_id: change-advisory-board
message: 'New change request {{create-change.number}}: {{short_description}} | Risk: {{risk_level}} | Window: {{scheduled_start}} to {{scheduled_end}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change-request
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: notify-channel
method: POST
Generates incident postmortems by pulling timeline data from ServiceNow, collecting metrics from Datadog, and publishing the postmortem document to Confluence.
naftiko: '0.5'
info:
label: Incident Postmortem Generation Orchestrator
description: Generates incident postmortems by pulling timeline data from ServiceNow, collecting metrics from Datadog, and publishing the postmortem document to Confluence.
tags:
- itsm
- servicenow
- datadog
- confluence
capability:
exposes:
- type: mcp
namespace: incident-mgmt
port: 8080
tools:
- name: generate-postmortem
description: Orchestrate incident postmortem generation across ServiceNow, Datadog, and Confluence.
inputParameters:
- name: incident_number
in: body
type: string
description: The ServiceNow incident number.
steps:
- name: get-incident-timeline
type: call
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
- name: get-impact-metrics
type: call
call: datadog.query-metrics
with:
query: avg:service.errors{incident:{{incident_number}}}
- name: publish-postmortem
type: call
call: confluence.create-page
with:
space: SRE
title: 'Postmortem: {{incident_number}} - {{get-incident-timeline.short_description}}'
body: 'Incident: {{get-incident-timeline.short_description}}. Duration: {{get-incident-timeline.duration}}. Impact: {{get-impact-metrics.error_count}} errors. Root cause analysis pending.'
consumes:
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident?sysparm_query=number={{incident_number}}
inputParameters:
- name: incident_number
in: query
operations:
- name: get-incident
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
headerName: DD-API-KEY
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: confluence
baseUri: https://qualcomm.atlassian.net/wiki/rest/api
authentication:
type: basic
username: $secrets.confluence_user
password: $secrets.confluence_api_token
resources:
- name: pages
path: /content
operations:
- name: create-page
method: POST
When a new GitHub release is tagged, generates release notes from merged pull requests and posts a summary to the product Microsoft Teams channel.
naftiko: '0.5'
info:
label: GitHub Release Notes Publisher
description: When a new GitHub release is tagged, generates release notes from merged pull requests and posts a summary to the product Microsoft Teams channel.
tags:
- devops
- engineering
- github
- microsoft-teams
- release-management
capability:
exposes:
- type: mcp
namespace: release-management
port: 8080
tools:
- name: publish-release-notes
description: Given a GitHub repository and release tag, fetch the release details and merged PRs, then post a formatted release summary to the product Teams channel.
inputParameters:
- name: repository
in: body
type: string
description: The GitHub repository in owner/repo format.
- name: release_tag
in: body
type: string
description: The release tag name (e.g., v2.4.1).
steps:
- name: get-release
type: call
call: github.get-release-by-tag
with:
repository: '{{repository}}'
tag: '{{release_tag}}'
- name: post-notes
type: call
call: msteams.post-release-announcement
with:
channel_id: product-releases
message: 'Release {{release_tag}} published for {{repository}}. {{get-release.name}}: {{get-release.body}}'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: releases
path: /repos/{{repository}}/releases/tags/{{tag}}
inputParameters:
- name: repository
in: path
- name: tag
in: path
operations:
- name: get-release-by-tag
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-release-announcement
method: POST
When a supply chain disruption is detected, queries SAP for affected purchase orders, identifies impacted Salesforce customer accounts, and sends an alert to the supply chain Teams channel.
naftiko: '0.5'
info:
label: Supply Chain Disruption Alert Orchestrator
description: When a supply chain disruption is detected, queries SAP for affected purchase orders, identifies impacted Salesforce customer accounts, and sends an alert to the supply chain Teams channel.
tags:
- supply-chain
- sap
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: supply-chain
port: 8080
tools:
- name: handle-disruption-alert
description: Orchestrate supply chain disruption response across SAP, Salesforce, and Teams.
inputParameters:
- name: supplier_id
in: body
type: string
description: The SAP supplier ID experiencing disruption.
- name: disruption_type
in: body
type: string
description: Type of disruption (e.g., delay, shortage, quality).
steps:
- name: get-affected-pos
type: call
call: sap.search-purchase-orders
with:
supplier: '{{supplier_id}}'
status: open
- name: get-impacted-accounts
type: call
call: salesforce.query
with:
soql: SELECT Id, Name FROM Account WHERE Supplier_ID__c = '{{supplier_id}}'
- name: send-alert
type: call
call: msteams.send-message
with:
channel: supply-chain-ops
message: 'Supply Chain Alert: {{disruption_type}} from supplier {{supplier_id}}. Affected POs: {{get-affected-pos.count}}, Impacted accounts: {{get-impacted-accounts.totalSize}}.'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: purchase-orders
path: /A_PurchaseOrder?$filter=Supplier eq '{{supplier}}' and PurchasingDocumentDeletionCode eq ''
inputParameters:
- name: supplier
in: query
operations:
- name: search-purchase-orders
method: GET
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: query
path: /query
operations:
- name: query
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/supply-chain-ops/channels/general/messages
operations:
- name: send-message
method: POST
Retrieves open supplier invoices from SAP Ariba, matches them against SAP S/4HANA purchase orders, and flags discrepancies for finance review.
naftiko: '0.5'
info:
label: SAP Ariba Supplier Invoice Reconciliation
description: Retrieves open supplier invoices from SAP Ariba, matches them against SAP S/4HANA purchase orders, and flags discrepancies for finance review.
tags:
- finance
- procurement
- sap-ariba
- sap
- invoice-processing
capability:
exposes:
- type: mcp
namespace: invoice-reconciliation
port: 8080
tools:
- name: reconcile-supplier-invoices
description: Given a supplier ID and date range, fetch open invoices from SAP Ariba, match each against its SAP purchase order, and return a list of discrepancies.
inputParameters:
- name: supplier_id
in: body
type: string
description: The SAP Ariba supplier ID.
- name: from_date
in: body
type: string
description: Start date for invoice query in YYYY-MM-DD format.
- name: to_date
in: body
type: string
description: End date for invoice query in YYYY-MM-DD format.
steps:
- name: get-invoices
type: call
call: ariba.get-invoices
with:
supplier_id: '{{supplier_id}}'
from_date: '{{from_date}}'
to_date: '{{to_date}}'
- name: get-po-details
type: call
call: sap.get-po-for-invoice
with:
po_number: '{{get-invoices.po_number}}'
consumes:
- type: http
namespace: ariba
baseUri: https://openapi.ariba.com/api/invoice/v1
authentication:
type: apikey
key: APIKey
value: $secrets.ariba_api_key
placement: header
resources:
- name: invoices
path: /invoices
operations:
- name: get-invoices
method: GET
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/MM_PUR_PO_MAINT_V2_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: purchase-orders
path: /A_PurchaseOrder('{{po_number}}')
inputParameters:
- name: po_number
in: path
operations:
- name: get-po-for-invoice
method: GET
Retrieves the branch protection rules for a specified GitHub repository and branch.
naftiko: '0.5'
info:
label: GitHub Repository Branch Protection Lookup
description: Retrieves the branch protection rules for a specified GitHub repository and branch.
tags:
- devops
- github
- security
capability:
exposes:
- type: mcp
namespace: source-control
port: 8080
tools:
- name: get-branch-protection
description: Look up branch protection rules for a GitHub repository branch including required reviewers and status checks.
inputParameters:
- name: repo_name
in: body
type: string
description: The repository name in org/repo format.
- name: branch
in: body
type: string
description: The branch name to check protection rules for.
call: github.get-branch-protection
with:
repo: '{{repo_name}}'
branch: '{{branch}}'
outputParameters:
- name: required_reviewers
type: number
mapping: $.required_pull_request_reviews.required_approving_review_count
- name: enforce_admins
type: boolean
mapping: $.enforce_admins.enabled
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: branch-protection
path: /repos/{{repo}}/branches/{{branch}}/protection
inputParameters:
- name: repo
in: path
- name: branch
in: path
operations:
- name: get-branch-protection
method: GET
When an employee's role or department changes in Workday, updates their Salesforce profile, revises Okta group memberships, and notifies their new manager in Teams.
naftiko: '0.5'
info:
label: Workday Role Change Propagation
description: When an employee's role or department changes in Workday, updates their Salesforce profile, revises Okta group memberships, and notifies their new manager in Teams.
tags:
- hr
- identity
- workday
- salesforce
- okta
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-role-change
port: 8080
tools:
- name: propagate-role-change
description: Given a Workday employee ID and new role details, update the employee's Salesforce user profile, revise Okta group memberships, and send a Teams notification to the new manager.
inputParameters:
- name: employee_id
in: body
type: string
description: Workday worker ID of the employee changing roles.
- name: new_role
in: body
type: string
description: The new job title or role name.
- name: new_department
in: body
type: string
description: The new department name.
steps:
- name: get-employee
type: call
call: workday.get-worker
with:
worker_id: '{{employee_id}}'
- name: update-salesforce
type: call
call: salesforce.update-user-profile
with:
user_id: '{{get-employee.salesforce_user_id}}'
title: '{{new_role}}'
department: '{{new_department}}'
- name: notify-manager
type: call
call: msteams.send-role-change-notice
with:
recipient: '{{get-employee.manager_email}}'
message: '{{get-employee.full_name}} has moved to {{new_department}} as {{new_role}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /qualcomm/workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: users
path: /sobjects/User/{{user_id}}
inputParameters:
- name: user_id
in: path
operations:
- name: update-user-profile
method: PATCH
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-role-change-notice
method: POST
Processes quality notifications from SAP by retrieving defect details, creating a Jira investigation ticket, and alerting the quality engineering team via Teams.
naftiko: '0.5'
info:
label: SAP Quality Notification Orchestrator
description: Processes quality notifications from SAP by retrieving defect details, creating a Jira investigation ticket, and alerting the quality engineering team via Teams.
tags:
- manufacturing
- sap
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: quality-mgmt
port: 8080
tools:
- name: process-quality-notification
description: Orchestrate quality notification handling across SAP, Jira, and Teams.
inputParameters:
- name: notification_number
in: body
type: string
description: The SAP quality notification number.
steps:
- name: get-notification
type: call
call: sap.get-quality-notification
with:
notification_number: '{{notification_number}}'
- name: create-investigation
type: call
call: jira.create-issue
with:
project: QUAL
summary: 'Quality Issue: {{get-notification.description}}'
issue_type: Bug
priority: '{{get-notification.priority}}'
- name: alert-quality-team
type: call
call: msteams.send-message
with:
channel: quality-engineering
message: 'Quality Notification {{notification_number}}: {{get-notification.description}}. Material: {{get-notification.material}}. Jira: {{create-investigation.key}}.'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_QUALITY_NOTIFICATION_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: notifications
path: /A_QualityNotification('{{notification_number}}')
inputParameters:
- name: notification_number
in: path
operations:
- name: get-quality-notification
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/quality-engineering/channels/general/messages
operations:
- name: send-message
method: POST
Triggers the annual performance review cycle in Workday, assigns review tasks to all active employees, and sends kick-off notifications via Microsoft Teams.
naftiko: '0.5'
info:
label: Workday Performance Review Cycle Launcher
description: Triggers the annual performance review cycle in Workday, assigns review tasks to all active employees, and sends kick-off notifications via Microsoft Teams.
tags:
- hr
- performance-management
- workday
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: hr-performance
port: 8080
tools:
- name: launch-review-cycle
description: Given a review cycle name and deadline, initiate the Workday performance review process for all active employees and notify managers in Teams.
inputParameters:
- name: cycle_name
in: body
type: string
description: The performance review cycle name (e.g., 2025 Annual Review).
- name: deadline
in: body
type: string
description: Review completion deadline in YYYY-MM-DD format.
steps:
- name: create-cycle
type: call
call: workday.create-review-cycle
with:
name: '{{cycle_name}}'
deadline: '{{deadline}}'
- name: notify-managers
type: call
call: msteams.broadcast-review-kickoff
with:
channel_id: people-managers
message: 'Performance review cycle ''{{cycle_name}}'' is now open. Deadline: {{deadline}}. Workday cycle ID: {{create-cycle.cycle_id}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: review-cycles
path: /qualcomm/performanceReviews
operations:
- name: create-review-cycle
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: broadcast-review-kickoff
method: POST
When an API gateway rate limit breach is detected in Datadog, identifies the offending client, creates a Jira investigation ticket, and alerts the platform team via Teams.
naftiko: '0.5'
info:
label: API Gateway Rate Limit Breach Handler
description: When an API gateway rate limit breach is detected in Datadog, identifies the offending client, creates a Jira investigation ticket, and alerts the platform team via Teams.
tags:
- devops
- datadog
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: api-platform
port: 8080
tools:
- name: handle-rate-limit-breach
description: Orchestrate API rate limit breach response across Datadog, Jira, and Teams.
inputParameters:
- name: api_name
in: body
type: string
description: The API name that triggered the rate limit.
- name: client_id
in: body
type: string
description: The client ID exceeding the rate limit.
steps:
- name: get-usage-metrics
type: call
call: datadog.query-metrics
with:
query: sum:api.requests{api_name:{{api_name}},client_id:{{client_id}}}.rollup(sum, 3600)
- name: create-investigation
type: call
call: jira.create-issue
with:
project: PLATFORM
summary: 'Rate limit breach: {{api_name}} by {{client_id}}'
issue_type: Bug
description: 'Requests in last hour: {{get-usage-metrics.total_requests}}'
- name: alert-platform-team
type: call
call: msteams.send-message
with:
channel: api-platform
message: 'Rate limit breach on {{api_name}} by client {{client_id}}. Investigation: {{create-investigation.key}}.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
headerName: DD-API-KEY
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/api-platform/channels/general/messages
operations:
- name: send-message
method: POST
Manages open enrollment by pulling eligible employees from Workday, sending enrollment reminders via Teams, and tracking completion rates in Snowflake.
naftiko: '0.5'
info:
label: Workday Benefits Enrollment Orchestrator
description: Manages open enrollment by pulling eligible employees from Workday, sending enrollment reminders via Teams, and tracking completion rates in Snowflake.
tags:
- hr
- workday
- microsoft-teams
- snowflake
capability:
exposes:
- type: mcp
namespace: benefits
port: 8080
tools:
- name: manage-benefits-enrollment
description: Orchestrate benefits enrollment across Workday, Teams, and Snowflake.
inputParameters:
- name: enrollment_period
in: body
type: string
description: The enrollment period identifier.
steps:
- name: get-eligible-employees
type: call
call: workday.get-benefits-eligible
with:
period: '{{enrollment_period}}'
- name: get-completion-rates
type: call
call: snowflake.execute-query
with:
statement: SELECT enrolled_count, eligible_count, ROUND(enrolled_count*100.0/eligible_count,1) as pct FROM benefits_enrollment WHERE period = '{{enrollment_period}}'
- name: send-reminders
type: call
call: msteams.send-message
with:
channel: hr-benefits
message: 'Benefits Enrollment Update: {{get-completion-rates.pct}}% complete ({{get-completion-rates.enrolled_count}}/{{get-completion-rates.eligible_count}}). Reminder sent to pending employees.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: benefits
path: /qualcomm/benefits/eligibility?period={{period}}
inputParameters:
- name: period
in: query
operations:
- name: get-benefits-eligible
method: GET
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/hr-benefits/channels/general/messages
operations:
- name: send-message
method: POST
Syncs new or updated vendor records from SAP S/4HANA to SAP Ariba to ensure procurement catalog consistency across both systems.
naftiko: '0.5'
info:
label: SAP Vendor Master Data Sync
description: Syncs new or updated vendor records from SAP S/4HANA to SAP Ariba to ensure procurement catalog consistency across both systems.
tags:
- procurement
- finance
- sap
- sap-ariba
- data-sync
capability:
exposes:
- type: mcp
namespace: vendor-sync
port: 8080
tools:
- name: sync-vendor-to-ariba
description: Given a SAP vendor account number, fetch the vendor master record from SAP S/4HANA and upsert the corresponding supplier profile in SAP Ariba.
inputParameters:
- name: vendor_account
in: body
type: string
description: The SAP vendor account number.
steps:
- name: get-vendor
type: call
call: sap.get-vendor
with:
vendor_account: '{{vendor_account}}'
- name: upsert-supplier
type: call
call: ariba.upsert-supplier
with:
supplier_id: '{{get-vendor.vendor_account}}'
name: '{{get-vendor.name}}'
country: '{{get-vendor.country}}'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_BUSINESS_PARTNER
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: vendors
path: /A_Supplier('{{vendor_account}}')
inputParameters:
- name: vendor_account
in: path
operations:
- name: get-vendor
method: GET
- type: http
namespace: ariba
baseUri: https://openapi.ariba.com/api/supplier/v1
authentication:
type: apikey
key: APIKey
value: $secrets.ariba_api_key
placement: header
resources:
- name: suppliers
path: /suppliers/{{supplier_id}}
inputParameters:
- name: supplier_id
in: path
operations:
- name: upsert-supplier
method: PUT
Monitors data quality SLAs in Snowflake by running validation queries, logging results in ServiceNow, and alerting data stewards via Teams when thresholds are breached.
naftiko: '0.5'
info:
label: Snowflake Data Quality SLA Monitor Orchestrator
description: Monitors data quality SLAs in Snowflake by running validation queries, logging results in ServiceNow, and alerting data stewards via Teams when thresholds are breached.
tags:
- data-engineering
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: data-quality
port: 8080
tools:
- name: monitor-data-quality-sla
description: Orchestrate data quality SLA monitoring across Snowflake, ServiceNow, and Teams.
inputParameters:
- name: dataset_name
in: body
type: string
description: The Snowflake dataset to validate.
- name: sla_threshold
in: body
type: number
description: The data quality SLA threshold percentage.
steps:
- name: run-quality-checks
type: call
call: snowflake.execute-query
with:
statement: SELECT COUNT(*) total, SUM(CASE WHEN is_valid THEN 1 ELSE 0 END) valid FROM {{dataset_name}}_quality_checks
- name: log-results
type: call
call: servicenow.create-incident
with:
short_description: 'Data quality check: {{dataset_name}}'
category: data_quality
description: 'Total records: {{run-quality-checks.total}}, Valid: {{run-quality-checks.valid}}'
- name: alert-stewards
type: call
call: msteams.send-message
with:
channel: data-quality
message: 'Data Quality SLA for {{dataset_name}}: {{run-quality-checks.valid}}/{{run-quality-checks.total}} valid records. Threshold: {{sla_threshold}}%.'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/data-quality/channels/general/messages
operations:
- name: send-message
method: POST
When production yield drops below threshold, pulls yield data from Snowflake, creates an engineering review in Jira, and alerts the process engineering team via Teams.
naftiko: '0.5'
info:
label: Production Yield Alert to Engineering Review
description: When production yield drops below threshold, pulls yield data from Snowflake, creates an engineering review in Jira, and alerts the process engineering team via Teams.
tags:
- manufacturing
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: yield-management
port: 8080
tools:
- name: handle-yield-alert
description: Orchestrate yield alert response across Snowflake, Jira, and Teams.
inputParameters:
- name: product_line
in: body
type: string
description: The product line experiencing yield drop.
- name: current_yield
in: body
type: number
description: The current yield percentage.
steps:
- name: get-yield-trend
type: call
call: snowflake.execute-query
with:
statement: SELECT date, yield_pct FROM production_yield WHERE product_line = '{{product_line}}' ORDER BY date DESC LIMIT 30
- name: create-review
type: call
call: jira.create-issue
with:
project: FABENG
summary: 'Yield Alert: {{product_line}} at {{current_yield}}%'
issue_type: Task
priority: High
- name: alert-engineering
type: call
call: msteams.send-message
with:
channel: process-engineering
message: 'Yield Alert: {{product_line}} dropped to {{current_yield}}%. 30-day trend attached. Review: {{create-review.key}}.'
consumes:
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/process-engineering/channels/general/messages
operations:
- name: send-message
method: POST
Kicks off a new product introduction by creating a project in Jira, setting up a SAP material master, and scheduling a kickoff meeting via Zoom with the cross-functional team.
naftiko: '0.5'
info:
label: New Product Introduction Kickoff Orchestrator
description: Kicks off a new product introduction by creating a project in Jira, setting up a SAP material master, and scheduling a kickoff meeting via Zoom with the cross-functional team.
tags:
- product-lifecycle
- jira
- sap
- zoom
capability:
exposes:
- type: mcp
namespace: npi
port: 8080
tools:
- name: kickoff-npi
description: Orchestrate NPI kickoff across Jira, SAP, and Zoom.
inputParameters:
- name: product_name
in: body
type: string
description: The new product name.
- name: product_code
in: body
type: string
description: The product code for SAP material master.
- name: team_emails
in: body
type: string
description: Comma-separated list of team member emails.
steps:
- name: create-project
type: call
call: jira.create-issue
with:
project: NPI
summary: 'NPI: {{product_name}}'
issue_type: Epic
description: New Product Introduction for {{product_name}} ({{product_code}})
- name: create-material-master
type: call
call: sap.create-material
with:
material_number: '{{product_code}}'
description: '{{product_name}}'
material_type: CHIP
- name: schedule-kickoff
type: call
call: zoom.create-meeting
with:
topic: 'NPI Kickoff: {{product_name}}'
invitees: '{{team_emails}}'
duration: 60
consumes:
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_PRODUCT_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: materials
path: /A_Product
operations:
- name: create-material
method: POST
- type: http
namespace: zoom
baseUri: https://api.zoom.us/v2
authentication:
type: bearer
token: $secrets.zoom_token
resources:
- name: meetings
path: /users/me/meetings
operations:
- name: create-meeting
method: POST
Performs three-way matching of vendor invoices by comparing PO, goods receipt, and invoice data in SAP, then routing exceptions to the AP team via ServiceNow.
naftiko: '0.5'
info:
label: Vendor Invoice Three-Way Match Orchestrator
description: Performs three-way matching of vendor invoices by comparing PO, goods receipt, and invoice data in SAP, then routing exceptions to the AP team via ServiceNow.
tags:
- finance
- procurement
- sap
- servicenow
capability:
exposes:
- type: mcp
namespace: accounts-payable
port: 8080
tools:
- name: three-way-match
description: Orchestrate three-way invoice matching across SAP and ServiceNow.
inputParameters:
- name: invoice_number
in: body
type: string
description: The SAP invoice document number.
steps:
- name: get-invoice
type: call
call: sap.get-invoice
with:
invoice_number: '{{invoice_number}}'
- name: get-po-details
type: call
call: sap.get-po
with:
po_number: '{{get-invoice.po_number}}'
- name: get-goods-receipt
type: call
call: sap.get-goods-receipt
with:
po_number: '{{get-invoice.po_number}}'
- name: create-exception
type: call
call: servicenow.create-incident
with:
short_description: 'Three-way match exception: Invoice {{invoice_number}}'
category: accounts_payable
description: 'PO amount: {{get-po-details.total_value}}, GR amount: {{get-goods-receipt.total}}, Invoice amount: {{get-invoice.amount}}'
consumes:
- type: http
namespace: sap
baseUri: https://qualcomm-s4.sap.com/sap/opu/odata/sap/API_SUPPLIER_INVOICE_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: invoices
path: /A_SupplierInvoice('{{invoice_number}}')
inputParameters:
- name: invoice_number
in: path
operations:
- name: get-invoice
method: GET
- name: purchase-orders
path: /A_PurchaseOrder('{{po_number}}')
inputParameters:
- name: po_number
in: path
operations:
- name: get-po
method: GET
- name: goods-receipts
path: /A_InboundDelivery?$filter=PurchaseOrder eq '{{po_number}}'
inputParameters:
- name: po_number
in: query
operations:
- name: get-goods-receipt
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
Triggers a Power BI dataset refresh on a scheduled basis and notifies the analytics team in Microsoft Teams with refresh status.
naftiko: '0.5'
info:
label: Power BI Report Refresh Trigger
description: Triggers a Power BI dataset refresh on a scheduled basis and notifies the analytics team in Microsoft Teams with refresh status.
tags:
- data
- analytics
- power-bi
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: analytics-reporting
port: 8080
tools:
- name: trigger-report-refresh
description: Given a Power BI workspace ID and dataset ID, trigger a dataset refresh and post the status to the analytics Teams channel.
inputParameters:
- name: workspace_id
in: body
type: string
description: The Power BI workspace (group) ID.
- name: dataset_id
in: body
type: string
description: The Power BI dataset ID to refresh.
steps:
- name: refresh-dataset
type: call
call: powerbi.trigger-refresh
with:
workspace_id: '{{workspace_id}}'
dataset_id: '{{dataset_id}}'
- name: notify-team
type: call
call: msteams.post-refresh-status
with:
channel_id: analytics-team
message: 'Power BI dataset {{dataset_id}} refresh triggered in workspace {{workspace_id}}. Status: {{refresh-dataset.status}}'
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /groups/{{workspace_id}}/datasets/{{dataset_id}}/refreshes
inputParameters:
- name: workspace_id
in: path
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-refresh-status
method: POST
Generates a daily digest of open Salesforce opportunities by stage and region, formatted for delivery in a Microsoft Teams channel.
naftiko: '0.5'
info:
label: Salesforce Opportunity Pipeline Digest
description: Generates a daily digest of open Salesforce opportunities by stage and region, formatted for delivery in a Microsoft Teams channel.
tags:
- crm
- sales
- salesforce
- microsoft-teams
- reporting
capability:
exposes:
- type: mcp
namespace: crm-reporting
port: 8080
tools:
- name: digest-opportunity-pipeline
description: Fetch all open Salesforce opportunities, group them by stage and region, and post a formatted pipeline summary to the sales Microsoft Teams channel.
inputParameters:
- name: teams_channel_id
in: body
type: string
description: The Microsoft Teams channel ID to post the digest to.
steps:
- name: get-opportunities
type: call
call: salesforce.query-opportunities
with:
stage: open
- name: post-digest
type: call
call: msteams.post-channel-message
with:
channel_id: '{{teams_channel_id}}'
message: 'Pipeline digest: {{get-opportunities.total_value}} across {{get-opportunities.count}} open opportunities.'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /query
operations:
- name: query-opportunities
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
Tracks mandatory training compliance by querying completion status in Workday, identifying non-compliant employees, and sending reminder notifications via Teams.
naftiko: '0.5'
info:
label: Workday Learning Compliance Tracker Orchestrator
description: Tracks mandatory training compliance by querying completion status in Workday, identifying non-compliant employees, and sending reminder notifications via Teams.
tags:
- hr
- compliance
- workday
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: learning
port: 8080
tools:
- name: track-training-compliance
description: Orchestrate training compliance tracking across Workday and Teams.
inputParameters:
- name: course_id
in: body
type: string
description: The Workday learning course ID.
- name: deadline
in: body
type: string
description: The compliance deadline in YYYY-MM-DD format.
steps:
- name: get-completion-status
type: call
call: workday.get-learning-completions
with:
course_id: '{{course_id}}'
- name: get-non-compliant
type: call
call: snowflake.execute-query
with:
statement: SELECT worker_id, email FROM employees WHERE worker_id NOT IN (SELECT worker_id FROM training_completions WHERE course_id = '{{course_id}}')
- name: send-reminders
type: call
call: msteams.send-message
with:
channel: hr-compliance
message: 'Training compliance for course {{course_id}}: {{get-completion-status.completed}}/{{get-completion-status.total}} complete. Deadline: {{deadline}}. {{get-non-compliant.count}} employees need reminders.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: learning
path: /qualcomm/learning/completions?course={{course_id}}
inputParameters:
- name: course_id
in: query
operations:
- name: get-learning-completions
method: GET
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/hr-compliance/channels/general/messages
operations:
- name: send-message
method: POST
When a ServiceNow P1 incident remains unresolved past its SLA breach time, escalates it by creating a Jira Engineering issue and alerting the CTO channel in Teams.
naftiko: '0.5'
info:
label: ServiceNow Incident Escalation to Jira
description: When a ServiceNow P1 incident remains unresolved past its SLA breach time, escalates it by creating a Jira Engineering issue and alerting the CTO channel in Teams.
tags:
- itsm
- incident-response
- servicenow
- jira
- microsoft-teams
- escalation
capability:
exposes:
- type: mcp
namespace: incident-escalation
port: 8080
tools:
- name: escalate-p1-incident
description: Given a ServiceNow incident number that has breached its P1 SLA, create a Jira Engineering ticket and notify the executive escalation Teams channel.
inputParameters:
- name: incident_number
in: body
type: string
description: The ServiceNow incident number (e.g., INC0012345).
steps:
- name: get-incident
type: call
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
- name: create-escalation
type: call
call: jira.create-escalation-ticket
with:
project_key: ENG
issuetype: Incident
summary: '[P1 Escalation] {{get-incident.short_description}}'
description: 'ServiceNow: {{incident_number}}
Impact: {{get-incident.impact}}
Opened: {{get-incident.opened_at}}'
- name: alert-leadership
type: call
call: msteams.post-escalation-alert
with:
channel_id: executive-escalations
message: 'P1 incident {{incident_number}} has breached SLA. Jira escalation: {{create-escalation.key}}. {{get-incident.short_description}}'
consumes:
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: get-incident
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-escalation-ticket
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{channel_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-escalation-alert
method: POST
Detects infrastructure drift by comparing Terraform state with actual Azure resources, creating a Jira remediation ticket, and alerting the platform team via Teams.
naftiko: '0.5'
info:
label: Terraform Infrastructure Drift Detection Orchestrator
description: Detects infrastructure drift by comparing Terraform state with actual Azure resources, creating a Jira remediation ticket, and alerting the platform team via Teams.
tags:
- devops
- cloud
- microsoft-azure
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: platform-engineering
port: 8080
tools:
- name: detect-infra-drift
description: Orchestrate infrastructure drift detection across Azure, Jira, and Teams.
inputParameters:
- name: workspace_name
in: body
type: string
description: The Terraform Cloud workspace name.
steps:
- name: get-workspace-status
type: call
call: github.get-workflow-run
with:
repo: qualcomm/infrastructure
workflow: drift-detection
- name: create-remediation
type: call
call: jira.create-issue
with:
project: INFRA
summary: 'Drift detected: {{workspace_name}}'
issue_type: Bug
description: 'Drift detection run: {{get-workspace-status.conclusion}}'
- name: alert-platform
type: call
call: msteams.send-message
with:
channel: platform-engineering
message: 'Infrastructure drift detected in workspace {{workspace_name}}. Remediation ticket: {{create-remediation.key}}.'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /repos/{{repo}}/actions/workflows/{{workflow}}/runs?per_page=1
inputParameters:
- name: repo
in: path
- name: workflow
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/platform-engineering/channels/general/messages
operations:
- name: send-message
method: POST
Manages document approval workflows by monitoring SharePoint for new uploads, creating approval tasks in Jira, and notifying approvers via Teams.
naftiko: '0.5'
info:
label: SharePoint Document Approval Workflow Orchestrator
description: Manages document approval workflows by monitoring SharePoint for new uploads, creating approval tasks in Jira, and notifying approvers via Teams.
tags:
- documentation
- sharepoint
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: doc-approval
port: 8080
tools:
- name: process-document-approval
description: Orchestrate document approval across SharePoint, Jira, and Teams.
inputParameters:
- name: document_id
in: body
type: string
description: The SharePoint document ID.
- name: approver_email
in: body
type: string
description: The approver's email address.
steps:
- name: get-document
type: call
call: sharepoint.get-document
with:
document_id: '{{document_id}}'
- name: create-approval-task
type: call
call: jira.create-issue
with:
project: DOCAPPR
summary: 'Approve: {{get-document.name}}'
issue_type: Task
assignee: '{{approver_email}}'
- name: notify-approver
type: call
call: msteams.send-message
with:
recipient: '{{approver_email}}'
message: 'Document approval needed: {{get-document.name}}. Please review and approve in Jira: {{create-approval-task.key}}.'
consumes:
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0/sites/qualcomm.sharepoint.com
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: documents
path: /drive/items/{{document_id}}
inputParameters:
- name: document_id
in: path
operations:
- name: get-document
method: GET
- type: http
namespace: jira
baseUri: https://qualcomm.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_api_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient}}/sendMail
inputParameters:
- name: recipient
in: path
operations:
- name: send-message
method: POST
Checks the last refresh status and timestamp for a Power BI dataset.
naftiko: '0.5'
info:
label: Power BI Dataset Refresh Status Lookup
description: Checks the last refresh status and timestamp for a Power BI dataset.
tags:
- analytics
- power-bi
- reporting
capability:
exposes:
- type: mcp
namespace: bi
port: 8080
tools:
- name: get-dataset-refresh-status
description: Retrieve the last refresh status and end time for a Power BI dataset.
inputParameters:
- name: dataset_id
in: body
type: string
description: The Power BI dataset ID.
call: powerbi.get-refresh-history
with:
dataset_id: '{{dataset_id}}'
outputParameters:
- name: status
type: string
mapping: $.value[0].status
- name: end_time
type: string
mapping: $.value[0].endTime
consumes:
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: dataset-refreshes
path: /datasets/{{dataset_id}}/refreshes?$top=1
inputParameters:
- name: dataset_id
in: path
operations:
- name: get-refresh-history
method: GET
Orchestrates deal desk approvals by retrieving opportunity details from Salesforce, checking margin thresholds in Snowflake, and routing approvals via Teams.
naftiko: '0.5'
info:
label: Salesforce Deal Desk Approval Orchestrator
description: Orchestrates deal desk approvals by retrieving opportunity details from Salesforce, checking margin thresholds in Snowflake, and routing approvals via Teams.
tags:
- sales
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: deal-desk
port: 8080
tools:
- name: process-deal-approval
description: Orchestrate deal desk approval across Salesforce, Snowflake, and Teams.
inputParameters:
- name: opportunity_id
in: body
type: string
description: The Salesforce opportunity ID.
steps:
- name: get-opportunity
type: call
call: salesforce.get-opportunity
with:
opportunity_id: '{{opportunity_id}}'
- name: check-margin
type: call
call: snowflake.execute-query
with:
statement: SELECT margin_pct, standard_margin FROM pricing_model WHERE product_code = '{{get-opportunity.product_code}}'
- name: route-approval
type: call
call: msteams.send-message
with:
channel: deal-desk
message: 'Deal Approval Needed: {{get-opportunity.Name}} - ${{get-opportunity.Amount}}. Margin: {{check-margin.margin_pct}}% (standard: {{check-margin.standard_margin}}%).'
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /sobjects/Opportunity/{{opportunity_id}}
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: snowflake
baseUri: https://qualcomm.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/deal-desk/channels/general/messages
operations:
- name: send-message
method: POST
Analyzes marketing campaign ROI by pulling campaign spend from SAP, lead conversion data from Salesforce, and publishing results to a Power BI dashboard.
naftiko: '0.5'
info:
label: Marketing Campaign ROI Analysis Orchestrator
description: Analyzes marketing campaign ROI by pulling campaign spend from SAP, lead conversion data from Salesforce, and publishing results to a Power BI dashboard.
tags:
- marketing
- sap
- salesforce
- power-bi
capability:
exposes:
- type: mcp
namespace: marketing-analytics
port: 8080
tools:
- name: analyze-campaign-roi
description: Orchestrate campaign ROI analysis across SAP, Salesforce, and Power BI.
inputParameters:
- name: campaign_id
in: body
type: string
description: The Salesforce campaign ID.
steps:
- name: get-campaign-details
type: call
call: salesforce.get-campaign
with:
campaign_id: '{{campaign_id}}'
- name: get-lead-conversions
type: call
call: salesforce.query
with:
soql: SELECT COUNT(Id) converted FROM Lead WHERE ConvertedDate != null AND Campaign_Source__c = '{{campaign_id}}'
- name: refresh-roi-dashboard
type: call
call: powerbi.trigger-refresh
with:
dataset_id: marketing-roi-dataset
consumes:
- type: http
namespace: salesforce
baseUri: https://qualcomm.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: campaigns
path: /sobjects/Campaign/{{campaign_id}}
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-campaign
method: GET
- name: query
path: /query
operations:
- name: query
method: GET
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: refreshes
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: trigger-refresh
method: POST
Implements deployment gates by checking SonarQube code quality, verifying ServiceNow change approval, and deploying via Azure DevOps with Teams notification.
naftiko: '0.5'
info:
label: Azure DevOps Pipeline Deployment Gate Orchestrator
description: Implements deployment gates by checking SonarQube code quality, verifying ServiceNow change approval, and deploying via Azure DevOps with Teams notification.
tags:
- devops
- azure-devops
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: deployment
port: 8080
tools:
- name: run-deployment-gate
description: Orchestrate deployment gate checks across SonarQube, ServiceNow, Azure DevOps, and Teams.
inputParameters:
- name: project_name
in: body
type: string
description: The Azure DevOps project name.
- name: change_request_number
in: body
type: string
description: The ServiceNow change request number.
steps:
- name: check-code-quality
type: call
call: github.get-check-runs
with:
repo: '{{project_name}}'
ref: main
- name: verify-change-approval
type: call
call: servicenow.get-change-request
with:
number: '{{change_request_number}}'
- name: notify-deployment
type: call
call: msteams.send-message
with:
channel: deployments
message: 'Deployment gate for {{project_name}}: Code quality={{check-code-quality.conclusion}}, CR {{change_request_number}} status={{verify-change-approval.state}}.'
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: check-runs
path: /repos/qualcomm/{{repo}}/commits/{{ref}}/check-runs
inputParameters:
- name: repo
in: path
- name: ref
in: path
operations:
- name: get-check-runs
method: GET
- type: http
namespace: servicenow
baseUri: https://qualcomm.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request?sysparm_query=number={{number}}
inputParameters:
- name: number
in: query
operations:
- name: get-change-request
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/deployments/channels/general/messages
operations:
- name: send-message
method: POST
Checks device compliance status via Microsoft Endpoint Manager, correlates with Azure AD group policies, opens a ServiceNow remediation task for non-compliant devices, and notifies IT security.
naftiko: '0.5'
info:
label: Endpoint Compliance Check Orchestrator
description: Checks device compliance status via Microsoft Endpoint Manager, correlates with Azure AD group policies, opens a ServiceNow remediation task for non-compliant devices, and notifies IT security.
tags:
- security
- compliance
- microsoft-endpoint-manager
- azure-active-directory
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: endpoint-compliance
port: 8080
tools:
- name: check-endpoint-compliance
description: Given a device ID, check compliance status, verify group policies, create remediation tasks for violations, and notify security.
inputParameters:
- name: device_id
in: body
type: string
description: The Microsoft Endpoint Manager device ID.
steps:
- name: get-compliance
type: call
call: intune.get-device-compliance
with:
device_id: '{{device_id}}'
- name: get-policies
type: call
call: azuread.get-device-policies
with:
device_id: '{{device_id}}'
- name: create-remediation
type: call
call: servicenow.create-task
with:
short_description: 'Non-Compliant Endpoint: {{get-compliance.device_name}} — {{get-compliance.compliance_state}}'
assigned_group: IT_Security
category: endpoint_remediation
description: 'Device: {{get-compliance.device_name}} ({{device_id}}). OS: {{get-compliance.os_version}}. Compliance state: {{get-compliance.compliance_state}}. Violations: {{get-compliance.violation_count}}. Owner: {{get-compliance.user_principal_name}}.'
- name: notify-security
type: call
call: msteams.post-channel
with:
team_id: it-security
channel_id: endpoint-alerts
text: 'Non-Compliant Endpoint — {{get-compliance.device_name}} ({{get-compliance.user_principal_name}}): State: {{get-compliance.compliance_state}}. Violations: {{get-compliance.violation_count}}. Remediation: {{create-remediation.number}}.'
consumes:
- type: http
namespace: intune
baseUri: https://graph.microsoft.com/v1.0/deviceManagement
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: managed-devices
path: /managedDevices/{{device_id}}
inputParameters:
- name: device_id
in: path
operations:
- name: get-device-compliance
method: GET
- type: http
namespace: azuread
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: device-policies
path: /devices/{{device_id}}/memberOf
inputParameters:
- name: device_id
in: path
operations:
- name: get-device-policies
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/task
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves the status of a GitLab merge request by project and MR ID, returning approval status, pipeline result, and merge readiness for T-Mobile engineering teams.
naftiko: '0.5'
info:
label: GitLab Merge Request Status
description: Retrieves the status of a GitLab merge request by project and MR ID, returning approval status, pipeline result, and merge readiness for T-Mobile engineering teams.
tags:
- ci-cd
- gitlab
capability:
exposes:
- type: mcp
namespace: code-review
port: 8080
tools:
- name: get-merge-request-status
description: Look up a GitLab merge request by project ID and MR IID. Returns title, approval status, pipeline status, and merge conflicts.
inputParameters:
- name: project_id
in: body
type: string
description: The GitLab project ID.
- name: mr_iid
in: body
type: string
description: The merge request internal ID.
call: gitlab.get-mr
with:
project_id: '{{project_id}}'
mr_iid: '{{mr_iid}}'
outputParameters:
- name: title
type: string
mapping: $.title
- name: state
type: string
mapping: $.state
- name: pipeline_status
type: string
mapping: $.head_pipeline.status
- name: has_conflicts
type: boolean
mapping: $.has_conflicts
consumes:
- type: http
namespace: gitlab
baseUri: https://gitlab.tmobile.com/api/v4
authentication:
type: bearer
token: $secrets.gitlab_token
resources:
- name: merge-requests
path: /projects/{{project_id}}/merge_requests/{{mr_iid}}
inputParameters:
- name: project_id
in: path
- name: mr_iid
in: path
operations:
- name: get-mr
method: GET
Queries a cell site by site ID from Ericsson ENM, checks for active alarms, and if alarms are present creates a ServiceNow incident for the NOC team.
naftiko: '0.5'
info:
label: Cell Site Health and Alarm Sync
description: Queries a cell site by site ID from Ericsson ENM, checks for active alarms, and if alarms are present creates a ServiceNow incident for the NOC team.
tags:
- network-ops
- ericsson
- servicenow
capability:
exposes:
- type: mcp
namespace: network-ops
port: 8080
tools:
- name: check-cell-site-health
description: Look up cell site operational status by site ID and create a ServiceNow incident if alarms are detected.
inputParameters:
- name: site_id
in: body
type: string
description: The unique cell site identifier (e.g., SEA-5G-0042).
steps:
- name: get-site
type: call
call: ericsson.get-site
with:
site_id: '{{site_id}}'
- name: create-alarm-ticket
type: call
call: servicenow.create-incident
with:
short_description: 'Cell Site Alarm: {{site_id}} — {{get-site.operational_status}}'
category: network
assigned_group: NOC_Tier1
description: 'Site {{site_id}} has {{get-site.active_alarms}} active alarms. Status: {{get-site.operational_status}}. Type: {{get-site.site_type}}.'
consumes:
- type: http
namespace: ericsson
baseUri: https://enm.tmobile-network.com/oss/api/v1
authentication:
type: bearer
token: $secrets.ericsson_enm_token
resources:
- name: managed-elements
path: /managed-elements/{{site_id}}
inputParameters:
- name: site_id
in: path
operations:
- name: get-site
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
Queries Salesforce for the current B2B sales pipeline by owner, returning total opportunities, weighted revenue, and stage distribution for T-Mobile enterprise sales.
naftiko: '0.5'
info:
label: Salesforce Opportunity Pipeline Summary
description: Queries Salesforce for the current B2B sales pipeline by owner, returning total opportunities, weighted revenue, and stage distribution for T-Mobile enterprise sales.
tags:
- sales
- salesforce
capability:
exposes:
- type: mcp
namespace: sales-pipeline
port: 8080
tools:
- name: get-pipeline-summary
description: Query Salesforce for a sales rep's opportunity pipeline. Returns total open opportunities, weighted pipeline value, and stage breakdown.
inputParameters:
- name: owner_id
in: body
type: string
description: The Salesforce user ID of the sales rep.
call: salesforce.query-pipeline
with:
owner_id: '{{owner_id}}'
outputParameters:
- name: total_opportunities
type: integer
mapping: $.totalSize
- name: records
type: array
mapping: $.records
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: pipeline-query
path: /query?q=SELECT+StageName,Amount,CloseDate,Name+FROM+Opportunity+WHERE+OwnerId='{{owner_id}}'+AND+IsClosed=false
inputParameters:
- name: owner_id
in: query
operations:
- name: query-pipeline
method: GET
Sends a notification to a Slack channel.
naftiko: '0.5'
info:
label: Slack Notification Publisher
description: Sends a notification to a Slack channel.
tags:
- communications
- slack
capability:
exposes:
- type: mcp
namespace: communications
port: 8080
tools:
- name: get-slack
description: Sends a notification to a Slack channel.
inputParameters:
- name: entity_id
in: body
type: string
description: The slack notification publisher identifier.
call: communications-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: communications-api
baseUri: https://api.t-mobile.com/communications/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: slack
path: /slack/notification/publisher/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-slack
method: GET
Searches Elasticsearch for log entries matching a query string and time range, used by T-Mobile SRE teams for incident investigation.
naftiko: '0.5'
info:
label: Elasticsearch Log Search
description: Searches Elasticsearch for log entries matching a query string and time range, used by T-Mobile SRE teams for incident investigation.
tags:
- observability
- elasticsearch
capability:
exposes:
- type: mcp
namespace: log-search
port: 8080
tools:
- name: search-logs
description: Search Elasticsearch logs by query string and index pattern. Returns matching log entries with timestamps, severity, and message content.
inputParameters:
- name: query
in: body
type: string
description: The Elasticsearch query string (e.g., error AND service:billing-api).
- name: index_pattern
in: body
type: string
description: The Elasticsearch index pattern to search (e.g., logs-network-*).
call: elasticsearch.search
with:
index: '{{index_pattern}}'
q: '{{query}}'
outputParameters:
- name: total_hits
type: integer
mapping: $.hits.total.value
- name: entries
type: array
mapping: $.hits.hits[*]._source
consumes:
- type: http
namespace: elasticsearch
baseUri: https://es-cluster.tmobile-infra.com:9200
authentication:
type: basic
username: $secrets.elasticsearch_user
password: $secrets.elasticsearch_password
resources:
- name: search
path: /{{index}}/_search
inputParameters:
- name: index
in: path
operations:
- name: search
method: GET
Checks the operational status of a network element.
naftiko: '0.5'
info:
label: Network Element Status
description: Checks the operational status of a network element.
tags:
- network
- monitoring
capability:
exposes:
- type: mcp
namespace: network
port: 8080
tools:
- name: get-network
description: Checks the operational status of a network element.
inputParameters:
- name: entity_id
in: body
type: string
description: The network element status identifier.
call: network-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: network-api
baseUri: https://api.t-mobile.com/network/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: network
path: /network/element/status/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-network
method: GET
Processes a customer plan upgrade by updating the account in Salesforce, adjusting billing in Oracle EBS, sending a confirmation via Adobe Campaign, and logging the change in ServiceNow.
naftiko: '0.5'
info:
label: Customer Plan Upgrade Orchestrator
description: Processes a customer plan upgrade by updating the account in Salesforce, adjusting billing in Oracle EBS, sending a confirmation via Adobe Campaign, and logging the change in ServiceNow.
tags:
- customer-management
- billing
- salesforce
- oracle-e-business-suite
- adobe-campaign
- servicenow
capability:
exposes:
- type: mcp
namespace: plan-management
port: 8080
tools:
- name: process-plan-upgrade
description: Given a customer account ID and target plan, update the CRM record, adjust billing, send confirmation, and log the change.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce customer account ID.
- name: new_plan
in: body
type: string
description: The target rate plan name (e.g., Go5G Plus, Go5G Next).
- name: effective_date
in: body
type: string
description: The plan change effective date in YYYY-MM-DD format.
steps:
- name: get-account
type: call
call: salesforce.get-account-by-id
with:
account_id: '{{account_id}}'
- name: update-plan
type: call
call: salesforce.update-account
with:
account_id: '{{account_id}}'
rate_plan: '{{new_plan}}'
effective_date: '{{effective_date}}'
- name: adjust-billing
type: call
call: oracle-ebs.update-billing
with:
customer_number: '{{get-account.Customer_Number__c}}'
new_plan: '{{new_plan}}'
effective_date: '{{effective_date}}'
- name: send-confirmation
type: call
call: adobe-campaign.trigger-message
with:
email: '{{get-account.PersonEmail}}'
template: plan_upgrade_confirmation
params:
customer_name: '{{get-account.Name}}'
new_plan: '{{new_plan}}'
effective_date: '{{effective_date}}'
- name: log-change
type: call
call: servicenow.create-change-task
with:
short_description: 'Plan upgrade: {{get-account.Name}} to {{new_plan}}'
description: Customer {{get-account.Name}} ({{account_id}}) upgraded from {{get-account.Rate_Plan__c}} to {{new_plan}} effective {{effective_date}}.
category: plan_change
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-by-id
method: GET
- name: update-account
method: PATCH
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/billing/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: billing-plans
path: /customers/{{customer_number}}/billing-plan
inputParameters:
- name: customer_number
in: path
operations:
- name: update-billing
method: PUT
- type: http
namespace: adobe-campaign
baseUri: https://mc.adobe.io/tmobile/campaign/v1
authentication:
type: bearer
token: $secrets.adobe_campaign_token
inputParameters:
- name: x-api-key
in: header
value: $secrets.adobe_api_key
resources:
- name: transactional-messages
path: /messageCenter/{{template}}/send
inputParameters:
- name: template
in: path
operations:
- name: trigger-message
method: POST
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-tasks
path: /table/change_task
operations:
- name: create-change-task
method: POST
Pulls cell site traffic data from Ericsson ENM, correlates with Datadog infrastructure metrics, and generates a capacity report posted to the network planning Teams channel.
naftiko: '0.5'
info:
label: Network Capacity Planning Orchestrator
description: Pulls cell site traffic data from Ericsson ENM, correlates with Datadog infrastructure metrics, and generates a capacity report posted to the network planning Teams channel.
tags:
- network-ops
- capacity-planning
- ericsson
- datadog
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: capacity-planning
port: 8080
tools:
- name: generate-capacity-report
description: Given a market region code, pull cell site traffic, correlate with infrastructure metrics, and post a capacity summary.
inputParameters:
- name: market_code
in: body
type: string
description: The T-Mobile market region code (e.g., SEA, LAX, NYC).
- name: time_range
in: body
type: string
description: The analysis time range (e.g., last_7d, last_30d).
steps:
- name: get-traffic-data
type: call
call: ericsson.get-market-traffic
with:
market: '{{market_code}}'
period: '{{time_range}}'
- name: get-infra-metrics
type: call
call: datadog.query-metrics
with:
query: avg:network.cell.utilization{market:{{market_code}}}
from: '{{time_range}}'
- name: post-report
type: call
call: msteams.post-channel
with:
team_id: network-planning
channel_id: capacity-reports
text: 'Capacity Report — Market {{market_code}} ({{time_range}}): Peak utilization: {{get-infra-metrics.avg_latency_ms}}%. Total sites: {{get-traffic-data.site_count}}. Sites above 80%: {{get-traffic-data.congested_count}}. Avg throughput: {{get-traffic-data.avg_throughput_mbps}} Mbps.'
consumes:
- type: http
namespace: ericsson
baseUri: https://enm.tmobile-network.com/oss/api/v1
authentication:
type: bearer
token: $secrets.ericsson_enm_token
resources:
- name: market-traffic
path: /performance/market/{{market}}?period={{period}}
inputParameters:
- name: market
in: path
- name: period
in: query
operations:
- name: get-market-traffic
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
inputParameters:
- name: DD-APPLICATION-KEY
in: header
value: $secrets.datadog_app_key
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Looks up device information by IMEI number.
naftiko: '0.5'
info:
label: Device IMEI Lookup
description: Looks up device information by IMEI number.
tags:
- device-management
- customer-service
capability:
exposes:
- type: mcp
namespace: device-management
port: 8080
tools:
- name: get-device
description: Looks up device information by IMEI number.
inputParameters:
- name: entity_id
in: body
type: string
description: The device imei lookup identifier.
call: device-management-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: device-management-api
baseUri: https://api.t-mobile.com/device-management/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: device
path: /device/imei/lookup/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-device
method: GET
When a negative social media mention is detected, retrieves the post from Twitter, logs it in Salesforce as a case, and notifies the social care team in Microsoft Teams.
naftiko: '0.5'
info:
label: Social Media Mention Monitor
description: When a negative social media mention is detected, retrieves the post from Twitter, logs it in Salesforce as a case, and notifies the social care team in Microsoft Teams.
tags:
- social-media
- customer-management
- twitter
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: social-care
port: 8080
tools:
- name: handle-negative-mention
description: Given a tweet ID and sentiment score, fetch the tweet, create a Salesforce social care case, and alert the social team.
inputParameters:
- name: tweet_id
in: body
type: string
description: The Twitter/X tweet ID.
- name: sentiment_score
in: body
type: number
description: Sentiment score (-1.0 to 1.0, negative indicates negative sentiment).
steps:
- name: get-tweet
type: call
call: twitter.get-tweet
with:
tweet_id: '{{tweet_id}}'
- name: create-social-case
type: call
call: salesforce.create-case
with:
subject: 'Social Mention: @{{get-tweet.author_username}} — Sentiment {{sentiment_score}}'
description: 'Tweet: {{get-tweet.text}}. Author: @{{get-tweet.author_username}} ({{get-tweet.author_followers}} followers). Sentiment: {{sentiment_score}}. URL: https://twitter.com/{{get-tweet.author_username}}/status/{{tweet_id}}.'
type: Social_Care
priority: High
- name: notify-social-team
type: call
call: msteams.post-channel
with:
team_id: social-care
channel_id: escalations
text: 'Negative Mention from @{{get-tweet.author_username}} ({{get-tweet.author_followers}} followers): "{{get-tweet.text}}". Sentiment: {{sentiment_score}}. Case: {{create-social-case.id}}.'
consumes:
- type: http
namespace: twitter
baseUri: https://api.twitter.com/2
authentication:
type: bearer
token: $secrets.twitter_bearer_token
resources:
- name: tweets
path: /tweets/{{tweet_id}}?expansions=author_id&tweet.fields=text,created_at&user.fields=username,public_metrics
inputParameters:
- name: tweet_id
in: path
operations:
- name: get-tweet
method: GET
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: cases
path: /sobjects/Case
operations:
- name: create-case
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves data usage summary for a subscriber.
naftiko: '0.5'
info:
label: Subscriber Usage Summary
description: Retrieves data usage summary for a subscriber.
tags:
- billing
- customer-service
capability:
exposes:
- type: mcp
namespace: billing
port: 8080
tools:
- name: get-subscriber
description: Retrieves data usage summary for a subscriber.
inputParameters:
- name: entity_id
in: body
type: string
description: The subscriber usage summary identifier.
call: billing-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: billing-api
baseUri: https://api.t-mobile.com/billing/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: subscriber
path: /subscriber/usage/summary/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-subscriber
method: GET
Refreshes executive dashboards by pulling data from multiple sources, transforming metrics, and updating Power BI.
naftiko: '0.5'
info:
label: Executive Dashboard Refresh Orchestrator
description: Refreshes executive dashboards by pulling data from multiple sources, transforming metrics, and updating Power BI.
tags:
- analytics
- power-bi
- business
capability:
exposes:
- type: mcp
namespace: analytics
port: 8080
tools:
- name: run-executive-dashboard-refresh-orchestrator
description: Refreshes executive dashboards by pulling data from multiple sources, transforming metrics, and updating Power BI.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Executive Dashboard Refresh Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Identifies a churn-risk customer in Salesforce, enriches with usage data from the billing platform, creates a retention case in ServiceNow, and notifies the assigned retention specialist via Microsoft Teams.
naftiko: '0.5'
info:
label: Customer Churn Risk Orchestrator
description: Identifies a churn-risk customer in Salesforce, enriches with usage data from the billing platform, creates a retention case in ServiceNow, and notifies the assigned retention specialist via Microsoft Teams.
tags:
- customer-management
- retention
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: customer-retention
port: 8080
tools:
- name: handle-churn-risk
description: Given a customer account ID and churn score, pull account details, create a retention case, and notify the assigned specialist.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce account ID for the at-risk customer.
- name: churn_score
in: body
type: number
description: The predicted churn probability score (0.0 to 1.0).
steps:
- name: get-account
type: call
call: salesforce.get-account-by-id
with:
account_id: '{{account_id}}'
- name: create-retention-case
type: call
call: servicenow.create-case
with:
short_description: 'Churn Risk: {{get-account.Name}} — Score {{churn_score}}'
category: customer_retention
assigned_group: Retention_Team
description: 'Customer {{get-account.Name}} ({{account_id}}) flagged with churn score {{churn_score}}. Plan: {{get-account.Rate_Plan__c}}. Tenure: {{get-account.Tenure_Months__c}} months. Lines: {{get-account.Line_Count__c}}.'
- name: notify-specialist
type: call
call: msteams.send-message
with:
recipient_upn: '{{get-account.Owner_Email__c}}'
text: 'Retention Alert: {{get-account.Name}} has a churn score of {{churn_score}}. Case {{create-retention-case.number}} created. {{get-account.Line_Count__c}} lines on {{get-account.Rate_Plan__c}}. Please reach out within 24 hours.'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-by-id
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: cases
path: /table/sn_customerservice_case
operations:
- name: create-case
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /users/{{recipient_upn}}/sendMail
inputParameters:
- name: recipient_upn
in: path
operations:
- name: send-message
method: POST
Retrieves a Confluence wiki page.
naftiko: '0.5'
info:
label: Confluence Page Viewer
description: Retrieves a Confluence wiki page.
tags:
- collaboration
- confluence
capability:
exposes:
- type: mcp
namespace: collaboration
port: 8080
tools:
- name: get-confluence
description: Retrieves a Confluence wiki page.
inputParameters:
- name: entity_id
in: body
type: string
description: The confluence page viewer identifier.
call: collaboration-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: collaboration-api
baseUri: https://api.t-mobile.com/collaboration/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: confluence
path: /confluence/page/viewer/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-confluence
method: GET
Fetches active Prometheus alerts filtered by severity, creates a ServiceNow incident for critical batches, and posts a digest summary to the NOC Teams channel.
naftiko: '0.5'
info:
label: Prometheus Alert Digest and Notification
description: Fetches active Prometheus alerts filtered by severity, creates a ServiceNow incident for critical batches, and posts a digest summary to the NOC Teams channel.
tags:
- monitoring
- prometheus
- network-ops
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: alert-monitoring
port: 8080
tools:
- name: process-active-alerts
description: Query Prometheus for active alerts by severity, batch-create a ServiceNow incident, and post a summary to the NOC channel.
inputParameters:
- name: severity
in: body
type: string
description: Alert severity to filter (critical, warning, info).
steps:
- name: get-alerts
type: call
call: prometheus.get-alerts
with:
filter: severity={{severity}}
- name: create-batch-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Prometheus Alert Batch: {{get-alerts.alert_count}} {{severity}} alerts'
category: monitoring
assigned_group: NOC_Tier1
description: '{{get-alerts.alert_count}} active {{severity}} alerts detected in Prometheus Alertmanager. Review and triage required.'
- name: notify-noc
type: call
call: msteams.post-channel
with:
team_id: noc-operations
channel_id: alert-digests
text: 'Prometheus Alert Digest — {{get-alerts.alert_count}} {{severity}} alerts active. Incident: {{create-batch-incident.number}}. Please review and assign.'
consumes:
- type: http
namespace: prometheus
baseUri: https://alertmanager.tmobile-infra.com/api/v2
authentication:
type: bearer
token: $secrets.prometheus_token
resources:
- name: alerts
path: /alerts?filter={{filter}}
inputParameters:
- name: filter
in: query
operations:
- name: get-alerts
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves a Jira ticket by issue key.
naftiko: '0.5'
info:
label: Jira Ticket Viewer
description: Retrieves a Jira ticket by issue key.
tags:
- engineering
- jira
capability:
exposes:
- type: mcp
namespace: engineering
port: 8080
tools:
- name: get-jira
description: Retrieves a Jira ticket by issue key.
inputParameters:
- name: entity_id
in: body
type: string
description: The jira ticket viewer identifier.
call: engineering-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: engineering-api
baseUri: https://api.t-mobile.com/engineering/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: jira
path: /jira/ticket/viewer/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-jira
method: GET
Onboards new technology partners by provisioning API access, configuring integrations, and validating connectivity.
naftiko: '0.5'
info:
label: Partner Integration Orchestrator
description: Onboards new technology partners by provisioning API access, configuring integrations, and validating connectivity.
tags:
- partnerships
- engineering
- api
capability:
exposes:
- type: mcp
namespace: partnerships
port: 8080
tools:
- name: run-partner-integration-orchestrator
description: Onboards new technology partners by provisioning API access, configuring integrations, and validating connectivity.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Partner Integration Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Retrieves signal strength data for a cell tower.
naftiko: '0.5'
info:
label: Cell Tower Signal Strength Lookup
description: Retrieves signal strength data for a cell tower.
tags:
- network
- infrastructure
capability:
exposes:
- type: mcp
namespace: network
port: 8080
tools:
- name: get-cell
description: Retrieves signal strength data for a cell tower.
inputParameters:
- name: entity_id
in: body
type: string
description: The cell tower signal strength lookup identifier.
call: network-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: network-api
baseUri: https://api.t-mobile.com/network/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: cell
path: /cell/tower/signal/strength/lookup/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-cell
method: GET
Collects a customer NPS response from HubSpot, links it to the Salesforce account, opens a ServiceNow follow-up task for detractors, and notifies the CX team in Teams.
naftiko: '0.5'
info:
label: Customer Feedback Loop Orchestrator
description: Collects a customer NPS response from HubSpot, links it to the Salesforce account, opens a ServiceNow follow-up task for detractors, and notifies the CX team in Teams.
tags:
- customer-experience
- hubspot
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: customer-feedback
port: 8080
tools:
- name: process-nps-response
description: Given a HubSpot contact ID and NPS score, link to Salesforce, create follow-up for detractors, and notify the CX team.
inputParameters:
- name: hubspot_contact_id
in: body
type: string
description: The HubSpot contact ID of the survey respondent.
- name: nps_score
in: body
type: integer
description: The NPS score (0-10).
- name: feedback_text
in: body
type: string
description: The customer's open-ended feedback.
steps:
- name: get-contact
type: call
call: hubspot.get-contact
with:
contact_id: '{{hubspot_contact_id}}'
- name: update-salesforce
type: call
call: salesforce.create-nps-record
with:
email: '{{get-contact.email}}'
nps_score: '{{nps_score}}'
feedback: '{{feedback_text}}'
survey_date: '{{get-contact.lastmodifieddate}}'
- name: create-followup
type: call
call: servicenow.create-task
with:
short_description: 'NPS Detractor Follow-up: {{get-contact.firstname}} {{get-contact.lastname}} (Score: {{nps_score}})'
assigned_group: CX_Recovery
description: 'Customer {{get-contact.firstname}} {{get-contact.lastname}} ({{get-contact.email}}) gave NPS {{nps_score}}. Feedback: {{feedback_text}}.'
category: customer_feedback
- name: notify-cx-team
type: call
call: msteams.post-channel
with:
team_id: customer-experience
channel_id: nps-alerts
text: 'NPS Detractor — {{get-contact.firstname}} {{get-contact.lastname}}: Score {{nps_score}}/10. "{{feedback_text}}". Follow-up task: {{create-followup.number}}.'
consumes:
- type: http
namespace: hubspot
baseUri: https://api.hubapi.com/crm/v3
authentication:
type: bearer
token: $secrets.hubspot_token
resources:
- name: contacts
path: /objects/contacts/{{contact_id}}
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: nps-records
path: /sobjects/NPS_Response__c
operations:
- name: create-nps-record
method: POST
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/task
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves a ServiceNow incident by number, returning priority, assignment group, state, and resolution notes for T-Mobile IT operations.
naftiko: '0.5'
info:
label: ServiceNow Incident Lookup
description: Retrieves a ServiceNow incident by number, returning priority, assignment group, state, and resolution notes for T-Mobile IT operations.
tags:
- it-ops
- servicenow
capability:
exposes:
- type: mcp
namespace: it-incidents
port: 8080
tools:
- name: get-incident
description: Fetch a ServiceNow incident by incident number. Returns state, priority, assigned group, short description, and resolution notes.
inputParameters:
- name: incident_number
in: body
type: string
description: The ServiceNow incident number (e.g., INC0012345).
call: servicenow.get-incident
with:
incident_number: '{{incident_number}}'
outputParameters:
- name: state
type: string
mapping: $.result.state
- name: priority
type: string
mapping: $.result.priority
- name: assigned_to
type: string
mapping: $.result.assigned_to.display_value
- name: short_description
type: string
mapping: $.result.short_description
consumes:
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident?sysparm_query=number={{incident_number}}
inputParameters:
- name: incident_number
in: query
operations:
- name: get-incident
method: GET
Queries Datadog for real-time network performance metrics by hostname, and if degradation is detected posts an alert to the NOC Microsoft Teams channel with metric details.
naftiko: '0.5'
info:
label: Network Metrics Alert Pipeline
description: Queries Datadog for real-time network performance metrics by hostname, and if degradation is detected posts an alert to the NOC Microsoft Teams channel with metric details.
tags:
- monitoring
- datadog
- network-ops
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: network-monitoring
port: 8080
tools:
- name: check-network-metrics
description: Query Datadog for network performance metrics by hostname and alert the NOC team in Teams if thresholds are breached.
inputParameters:
- name: hostname_pattern
in: body
type: string
description: Hostname or wildcard pattern for the network device (e.g., core-rtr-sea-*).
- name: time_range
in: body
type: string
description: Time range for the query (e.g., last_1h, last_24h).
steps:
- name: get-metrics
type: call
call: datadog.query-metrics
with:
query: avg:system.net.bytes_rcvd{host:{{hostname_pattern}}}
from: '{{time_range}}'
- name: notify-noc
type: call
call: msteams.post-channel
with:
team_id: noc-operations
channel_id: metrics-alerts
text: 'Network Metrics Alert — Host: {{hostname_pattern}} ({{time_range}}): Avg latency: {{get-metrics.avg_latency_ms}}ms. Packet loss: {{get-metrics.packet_loss_pct}}%.'
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
inputParameters:
- name: DD-APPLICATION-KEY
in: header
value: $secrets.datadog_app_key
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves a 5G site deployment record from Salesforce, pulls infrastructure state from Terraform Cloud, and posts a status update to the deployment Teams channel.
naftiko: '0.5'
info:
label: 5G Deployment Tracker
description: Retrieves a 5G site deployment record from Salesforce, pulls infrastructure state from Terraform Cloud, and posts a status update to the deployment Teams channel.
tags:
- 5g
- deployment
- salesforce
- terraform
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: 5g-deployment
port: 8080
tools:
- name: track-5g-deployment
description: Given a 5G deployment project ID, fetch the Salesforce project record, check Terraform workspace state, and post a combined status update to Teams.
inputParameters:
- name: project_id
in: body
type: string
description: The Salesforce 5G deployment project ID.
steps:
- name: get-project
type: call
call: salesforce.get-deployment-project
with:
project_id: '{{project_id}}'
- name: get-infra-state
type: call
call: terraform.get-workspace
with:
workspace_name: '{{get-project.Terraform_Workspace__c}}'
- name: post-status
type: call
call: msteams.post-channel
with:
team_id: 5g-deployments
channel_id: status-updates
text: '5G Deployment Update — {{get-project.Name}}: Market: {{get-project.Market__c}}, Phase: {{get-project.Phase__c}}, Infra Resources: {{get-infra-state.resource_count}}, Last Apply: {{get-infra-state.last_apply_status}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: deployment-projects
path: /sobjects/Deployment_Project__c/{{project_id}}
inputParameters:
- name: project_id
in: path
operations:
- name: get-deployment-project
method: GET
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_cloud_token
inputParameters:
- name: Content-Type
in: header
value: application/vnd.api+json
resources:
- name: workspaces
path: /organizations/t-mobile/workspaces/{{workspace_name}}
inputParameters:
- name: workspace_name
in: path
operations:
- name: get-workspace
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Sends a templated WhatsApp notification to a T-Mobile customer using the WhatsApp Business API, used for service alerts, appointment reminders, and delivery notifications.
naftiko: '0.5'
info:
label: WhatsApp Customer Notification Sender
description: Sends a templated WhatsApp notification to a T-Mobile customer using the WhatsApp Business API, used for service alerts, appointment reminders, and delivery notifications.
tags:
- customer-management
- messaging
- whatsapp
capability:
exposes:
- type: mcp
namespace: customer-messaging
port: 8080
tools:
- name: send-whatsapp-notification
description: Send a templated WhatsApp message to a customer phone number. Returns message ID and delivery status.
inputParameters:
- name: phone_number
in: body
type: string
description: The recipient phone number in E.164 format.
- name: template_name
in: body
type: string
description: The WhatsApp message template name.
- name: template_params
in: body
type: object
description: Template parameter key-value pairs.
call: whatsapp.send-template
with:
phone_number: '{{phone_number}}'
template_name: '{{template_name}}'
template_params: '{{template_params}}'
outputParameters:
- name: message_id
type: string
mapping: $.messages[0].id
- name: status
type: string
mapping: $.messages[0].message_status
consumes:
- type: http
namespace: whatsapp
baseUri: https://graph.facebook.com/v18.0/$secrets.whatsapp_phone_id
authentication:
type: bearer
token: $secrets.whatsapp_token
resources:
- name: messages
path: /messages
operations:
- name: send-template
method: POST
Retrieves a Salesforce account by account ID.
naftiko: '0.5'
info:
label: Salesforce Account Viewer
description: Retrieves a Salesforce account by account ID.
tags:
- sales
- salesforce
capability:
exposes:
- type: mcp
namespace: sales
port: 8080
tools:
- name: get-salesforce
description: Retrieves a Salesforce account by account ID.
inputParameters:
- name: entity_id
in: body
type: string
description: The salesforce account viewer identifier.
call: sales-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: sales-api
baseUri: https://api.t-mobile.com/sales/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: salesforce
path: /salesforce/account/viewer/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-salesforce
method: GET
Reviews data governance compliance by auditing access controls, classifying data, and generating compliance reports.
naftiko: '0.5'
info:
label: Data Governance Review Orchestrator
description: Reviews data governance compliance by auditing access controls, classifying data, and generating compliance reports.
tags:
- data-governance
- compliance
- analytics
capability:
exposes:
- type: mcp
namespace: data-governance
port: 8080
tools:
- name: run-data-governance-review-orchestrator
description: Reviews data governance compliance by auditing access controls, classifying data, and generating compliance reports.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Data Governance Review Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Kicks off cross-functional projects by creating workspaces, scheduling meetings, and distributing project charters.
naftiko: '0.5'
info:
label: Cross-Functional Project Kickoff Orchestrator
description: Kicks off cross-functional projects by creating workspaces, scheduling meetings, and distributing project charters.
tags:
- project-management
- collaboration
- operations
capability:
exposes:
- type: mcp
namespace: project-management
port: 8080
tools:
- name: run-cross-functional-project-kickoff-orchestrator
description: Kicks off cross-functional projects by creating workspaces, scheduling meetings, and distributing project charters.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Cross-Functional Project Kickoff Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Processes roaming settlement by pulling inter-operator usage from the billing system, validating against partner rates in Salesforce, generating a settlement statement, and notifying the wholesale finance team.
naftiko: '0.5'
info:
label: Roaming Partner Settlement Orchestrator
description: Processes roaming settlement by pulling inter-operator usage from the billing system, validating against partner rates in Salesforce, generating a settlement statement, and notifying the wholesale finance team.
tags:
- wholesale
- roaming
- oracle-e-business-suite
- salesforce
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: roaming-settlement
port: 8080
tools:
- name: process-roaming-settlement
description: Given a roaming partner ID and settlement period, pull usage, validate rates, create the settlement document, and notify finance.
inputParameters:
- name: partner_id
in: body
type: string
description: The Salesforce roaming partner account ID.
- name: settlement_period
in: body
type: string
description: The settlement period in YYYY-MM format.
steps:
- name: get-partner
type: call
call: salesforce.get-roaming-partner
with:
partner_id: '{{partner_id}}'
- name: get-usage
type: call
call: oracle-ebs.get-roaming-usage
with:
partner_code: '{{get-partner.Partner_Code__c}}'
period: '{{settlement_period}}'
- name: create-statement
type: call
call: sharepoint.create-file
with:
site_id: wholesale_finance
file_path: Settlements/{{get-partner.Name}}_{{settlement_period}}.md
content: '# Roaming Settlement: {{get-partner.Name}}
Period: {{settlement_period}}
Inbound Data: {{get-usage.inbound_data_gb}} GB
Outbound Data: {{get-usage.outbound_data_gb}} GB
Inbound Voice: {{get-usage.inbound_voice_min}} min
Net Settlement: ${{get-usage.net_amount}}'
- name: notify-finance
type: call
call: msteams.post-channel
with:
team_id: wholesale-finance
channel_id: settlements
text: 'Roaming Settlement Ready — {{get-partner.Name}} ({{settlement_period}}): Net amount: ${{get-usage.net_amount}}. Document: {{create-statement.url}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: roaming-partners
path: /sobjects/Roaming_Partner__c/{{partner_id}}
inputParameters:
- name: partner_id
in: path
operations:
- name: get-roaming-partner
method: GET
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/roaming/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: roaming-usage
path: /usage?partner={{partner_code}}&period={{period}}
inputParameters:
- name: partner_code
in: query
- name: period
in: query
operations:
- name: get-roaming-usage
method: GET
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0/sites
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: files
path: /{{site_id}}/drive/root:/{{file_path}}:/content
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Analyzes procurement spend by categorizing purchases, identifying savings opportunities, and generating reports.
naftiko: '0.5'
info:
label: Procurement Spend Analysis Orchestrator
description: Analyzes procurement spend by categorizing purchases, identifying savings opportunities, and generating reports.
tags:
- procurement
- analytics
- finance
capability:
exposes:
- type: mcp
namespace: procurement
port: 8080
tools:
- name: run-procurement-spend-analysis-orchestrator
description: Analyzes procurement spend by categorizing purchases, identifying savings opportunities, and generating reports.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Procurement Spend Analysis Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Queries Cloudflare for DNS records of a T-Mobile domain zone, returning record type, value, and TTL.
naftiko: '0.5'
info:
label: Cloudflare DNS Record Lookup
description: Queries Cloudflare for DNS records of a T-Mobile domain zone, returning record type, value, and TTL.
tags:
- network-ops
- cloudflare
- dns
capability:
exposes:
- type: mcp
namespace: dns-management
port: 8080
tools:
- name: get-dns-records
description: Look up Cloudflare DNS records by zone and record name. Returns matching records with type, content, TTL, and proxy status.
inputParameters:
- name: zone_id
in: body
type: string
description: The Cloudflare zone ID for the domain.
- name: record_name
in: body
type: string
description: The DNS record name to look up (e.g., api.t-mobile.com).
call: cloudflare.list-records
with:
zone_id: '{{zone_id}}'
name: '{{record_name}}'
outputParameters:
- name: records
type: array
mapping: $.result
consumes:
- type: http
namespace: cloudflare
baseUri: https://api.cloudflare.com/client/v4
authentication:
type: bearer
token: $secrets.cloudflare_api_token
resources:
- name: dns-records
path: /zones/{{zone_id}}/dns_records?name={{name}}
inputParameters:
- name: zone_id
in: path
- name: name
in: query
operations:
- name: list-records
method: GET
Runs an analytics query against the Snowflake data warehouse.
naftiko: '0.5'
info:
label: Snowflake Analytics Query
description: Runs an analytics query against the Snowflake data warehouse.
tags:
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: analytics
port: 8080
tools:
- name: get-snowflake
description: Runs an analytics query against the Snowflake data warehouse.
inputParameters:
- name: entity_id
in: body
type: string
description: The snowflake analytics query identifier.
call: analytics-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: analytics-api
baseUri: https://api.t-mobile.com/analytics/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: snowflake
path: /snowflake/analytics/query/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-snowflake
method: GET
Pulls campaign metrics from Adobe Analytics and Google Analytics, merges results, and posts a consolidated performance summary to the marketing Teams channel.
naftiko: '0.5'
info:
label: Campaign Performance Aggregator
description: Pulls campaign metrics from Adobe Analytics and Google Analytics, merges results, and posts a consolidated performance summary to the marketing Teams channel.
tags:
- marketing
- adobe-analytics
- google-analytics
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: marketing-campaigns
port: 8080
tools:
- name: aggregate-campaign-performance
description: Given a campaign ID and date range, pull metrics from Adobe Analytics and Google Analytics and post a combined summary to Teams.
inputParameters:
- name: campaign_id
in: body
type: string
description: The marketing campaign identifier.
- name: start_date
in: body
type: string
description: Start date in YYYY-MM-DD format.
- name: end_date
in: body
type: string
description: End date in YYYY-MM-DD format.
steps:
- name: get-adobe-metrics
type: call
call: adobe-analytics.get-report
with:
rsid: tmobile-prod
campaign_id: '{{campaign_id}}'
start_date: '{{start_date}}'
end_date: '{{end_date}}'
- name: get-ga-metrics
type: call
call: google-analytics.run-report
with:
property_id: properties/123456789
campaign_filter: '{{campaign_id}}'
start_date: '{{start_date}}'
end_date: '{{end_date}}'
- name: post-summary
type: call
call: msteams.post-channel
with:
team_id: marketing-analytics
channel_id: campaign-reports
text: 'Campaign {{campaign_id}} ({{start_date}} to {{end_date}}): Adobe — Visits: {{get-adobe-metrics.total_visits}}, Conversions: {{get-adobe-metrics.conversions}}. GA — Sessions: {{get-ga-metrics.total_sessions}}, Bounce: {{get-ga-metrics.bounce_rate}}%.'
consumes:
- type: http
namespace: adobe-analytics
baseUri: https://analytics.adobe.io/api/tmobile/reports
authentication:
type: bearer
token: $secrets.adobe_analytics_token
inputParameters:
- name: x-api-key
in: header
value: $secrets.adobe_api_key
resources:
- name: reports
path: /ranked
operations:
- name: get-report
method: POST
- type: http
namespace: google-analytics
baseUri: https://analyticsdata.googleapis.com/v1beta
authentication:
type: bearer
token: $secrets.google_analytics_token
resources:
- name: reports
path: /{{property_id}}:runReport
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Activates a new SIM card by provisioning the line in the network activation system, updating the customer record in Salesforce, adjusting billing in Oracle EBS, and sending an activation confirmation via Adobe Campaign.
naftiko: '0.5'
info:
label: SIM Activation Orchestrator
description: Activates a new SIM card by provisioning the line in the network activation system, updating the customer record in Salesforce, adjusting billing in Oracle EBS, and sending an activation confirmation via Adobe Campaign.
tags:
- customer-management
- activation
- salesforce
- oracle-e-business-suite
- adobe-campaign
capability:
exposes:
- type: mcp
namespace: sim-activation
port: 8080
tools:
- name: activate-sim
description: Given an ICCID, MSISDN, and account ID, provision the line, update CRM, set up billing, and send confirmation.
inputParameters:
- name: iccid
in: body
type: string
description: The SIM card ICCID (19-20 digits).
- name: msisdn
in: body
type: string
description: The phone number to assign in E.164 format.
- name: account_id
in: body
type: string
description: The Salesforce customer account ID.
- name: plan
in: body
type: string
description: The rate plan to activate (e.g., Go5G Plus).
steps:
- name: provision-line
type: call
call: activation-api.provision
with:
iccid: '{{iccid}}'
msisdn: '{{msisdn}}'
plan_code: '{{plan}}'
- name: update-crm
type: call
call: salesforce.create-subscriber-line
with:
account_id: '{{account_id}}'
msisdn: '{{msisdn}}'
iccid: '{{iccid}}'
plan: '{{plan}}'
activation_date: '{{provision-line.activation_date}}'
- name: setup-billing
type: call
call: oracle-ebs.create-subscription
with:
account_id: '{{account_id}}'
msisdn: '{{msisdn}}'
plan: '{{plan}}'
start_date: '{{provision-line.activation_date}}'
- name: send-confirmation
type: call
call: adobe-campaign.trigger-message
with:
template: sim_activation_welcome
email: '{{update-crm.contact_email}}'
params:
msisdn: '{{msisdn}}'
plan: '{{plan}}'
consumes:
- type: http
namespace: activation-api
baseUri: https://activation-api.tmobile-network.com/v2
authentication:
type: bearer
token: $secrets.activation_api_token
resources:
- name: provisions
path: /lines/provision
operations:
- name: provision
method: POST
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: subscriber-lines
path: /sobjects/Subscriber_Line__c
operations:
- name: create-subscriber-line
method: POST
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/billing/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: subscriptions
path: /subscriptions
operations:
- name: create-subscription
method: POST
- type: http
namespace: adobe-campaign
baseUri: https://mc.adobe.io/tmobile/campaign/v1
authentication:
type: bearer
token: $secrets.adobe_campaign_token
inputParameters:
- name: x-api-key
in: header
value: $secrets.adobe_api_key
resources:
- name: transactional-messages
path: /messageCenter/{{template}}/send
inputParameters:
- name: template
in: path
operations:
- name: trigger-message
method: POST
Manages annual compliance certifications by distributing attestations, tracking completion, and filing results.
naftiko: '0.5'
info:
label: Annual Compliance Certification Orchestrator
description: Manages annual compliance certifications by distributing attestations, tracking completion, and filing results.
tags:
- compliance
- hr
- legal
capability:
exposes:
- type: mcp
namespace: compliance
port: 8080
tools:
- name: run-annual-compliance-certification-orchestrator
description: Manages annual compliance certifications by distributing attestations, tracking completion, and filing results.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Annual Compliance Certification Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Executes disaster recovery tests by failing over systems, validating recovery, and documenting results.
naftiko: '0.5'
info:
label: Disaster Recovery Test Orchestrator
description: Executes disaster recovery tests by failing over systems, validating recovery, and documenting results.
tags:
- infrastructure
- operations
- compliance
capability:
exposes:
- type: mcp
namespace: infrastructure
port: 8080
tools:
- name: run-disaster-recovery-test-orchestrator
description: Executes disaster recovery tests by failing over systems, validating recovery, and documenting results.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Disaster Recovery Test Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Triggers a vulnerability scan assessment, pulls findings from Palo Alto Prisma Cloud, opens ServiceNow security incidents for critical findings, and alerts the security ops team in Teams.
naftiko: '0.5'
info:
label: Security Vulnerability Scan Orchestrator
description: Triggers a vulnerability scan assessment, pulls findings from Palo Alto Prisma Cloud, opens ServiceNow security incidents for critical findings, and alerts the security ops team in Teams.
tags:
- security
- vulnerability
- palo-alto-networks
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vuln-management
port: 8080
tools:
- name: process-vuln-findings
description: Given a cloud account ID, pull critical vulnerability findings, create security incidents, and notify the security operations team.
inputParameters:
- name: cloud_account_id
in: body
type: string
description: The cloud account identifier to scan.
- name: severity_threshold
in: body
type: string
description: Minimum severity to report (critical, high, medium).
steps:
- name: get-findings
type: call
call: prisma-cloud.get-alerts
with:
account_id: '{{cloud_account_id}}'
severity: '{{severity_threshold}}'
- name: open-security-incident
type: call
call: servicenow.create-security-incident
with:
short_description: 'Vuln Scan: {{get-findings.total_count}} {{severity_threshold}}+ findings in {{cloud_account_id}}'
category: vulnerability
severity: '2'
assigned_group: Security_Operations
description: 'Cloud account {{cloud_account_id}} has {{get-findings.total_count}} findings at {{severity_threshold}} or above. Top finding: {{get-findings.top_alert_rule}}. Affected resources: {{get-findings.affected_resource_count}}.'
- name: notify-secops
type: call
call: msteams.post-channel
with:
team_id: security-operations
channel_id: vulnerability-alerts
text: 'Vuln Alert — Account {{cloud_account_id}}: {{get-findings.total_count}} {{severity_threshold}}+ findings. Top: {{get-findings.top_alert_rule}}. Incident: {{open-security-incident.number}}.'
consumes:
- type: http
namespace: prisma-cloud
baseUri: https://api.prismacloud.io
authentication:
type: bearer
token: $secrets.prisma_cloud_token
resources:
- name: alerts
path: /alert?alert.status=open&cloud.accountId={{account_id}}&policy.severity={{severity}}
inputParameters:
- name: account_id
in: query
- name: severity
in: query
operations:
- name: get-alerts
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: security-incidents
path: /table/sn_si_incident
operations:
- name: create-security-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves T-Mobile employee profile information from Workday by worker ID, including department, manager, cost center, and job title.
naftiko: '0.5'
info:
label: Workday Employee Lookup
description: Retrieves T-Mobile employee profile information from Workday by worker ID, including department, manager, cost center, and job title.
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: hr-employee
port: 8080
tools:
- name: get-employee
description: Look up a T-Mobile employee by Workday worker ID. Returns full name, job title, department, cost center, manager, and work email.
inputParameters:
- name: worker_id
in: body
type: string
description: The Workday worker ID.
call: workday.get-worker
with:
worker_id: '{{worker_id}}'
outputParameters:
- name: full_name
type: string
mapping: $.worker.descriptor
- name: job_title
type: string
mapping: $.worker.primaryPosition.jobTitle
- name: department
type: string
mapping: $.worker.primaryPosition.department
- name: cost_center
type: string
mapping: $.worker.primaryPosition.costCenter
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1/tmobile
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: workers
path: /workers/{{worker_id}}
inputParameters:
- name: worker_id
in: path
operations:
- name: get-worker
method: GET
Assesses third-party risks by collecting vendor questionnaires, scoring responses, and tracking remediation plans.
naftiko: '0.5'
info:
label: Third Party Risk Assessment Orchestrator
description: Assesses third-party risks by collecting vendor questionnaires, scoring responses, and tracking remediation plans.
tags:
- risk
- procurement
- compliance
capability:
exposes:
- type: mcp
namespace: risk
port: 8080
tools:
- name: run-third-party-risk-assessment-orchestrator
description: Assesses third-party risks by collecting vendor questionnaires, scoring responses, and tracking remediation plans.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Third Party Risk Assessment Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Tracks digital transformation progress by aggregating initiative metrics, reporting milestones, and alerting on risks.
naftiko: '0.5'
info:
label: Digital Transformation Progress Orchestrator
description: Tracks digital transformation progress by aggregating initiative metrics, reporting milestones, and alerting on risks.
tags:
- strategy
- analytics
- project-management
capability:
exposes:
- type: mcp
namespace: strategy
port: 8080
tools:
- name: run-digital-transformation-progress-orchestrator
description: Tracks digital transformation progress by aggregating initiative metrics, reporting milestones, and alerting on risks.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Digital Transformation Progress Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
After a major incident is resolved, pulls the incident timeline from ServiceNow, gathers related metrics from Datadog, creates a post-mortem document in SharePoint, and notifies stakeholders in Teams.
naftiko: '0.5'
info:
label: Incident Post-Mortem Generator
description: After a major incident is resolved, pulls the incident timeline from ServiceNow, gathers related metrics from Datadog, creates a post-mortem document in SharePoint, and notifies stakeholders in Teams.
tags:
- incident-management
- servicenow
- datadog
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: incident-postmortem
port: 8080
tools:
- name: generate-postmortem
description: Given a resolved incident number, pull timeline and metrics, create a post-mortem document, and notify stakeholders.
inputParameters:
- name: incident_number
in: body
type: string
description: The resolved ServiceNow incident number.
steps:
- name: get-incident
type: call
call: servicenow.get-incident-full
with:
incident_number: '{{incident_number}}'
- name: get-metrics
type: call
call: datadog.query-metrics
with:
query: avg:system.cpu.idle{incident:{{incident_number}}}
from: '{{get-incident.opened_at}}'
to: '{{get-incident.resolved_at}}'
- name: create-document
type: call
call: sharepoint.create-file
with:
site_id: engineering_postmortems
file_path: PostMortems/{{incident_number}}_postmortem.md
content: '# Post-Mortem: {{incident_number}}
## Summary
{{get-incident.short_description}}
## Impact
Duration: {{get-incident.business_duration}}. Priority: {{get-incident.priority}}.
## Timeline
Opened: {{get-incident.opened_at}}. Resolved: {{get-incident.resolved_at}}.
## Resolution
{{get-incident.close_notes}}'
- name: notify-stakeholders
type: call
call: msteams.post-channel
with:
team_id: engineering
channel_id: post-mortems
text: 'Post-Mortem Ready — {{incident_number}}: {{get-incident.short_description}}. Duration: {{get-incident.business_duration}}. Document: {{create-document.url}}.'
consumes:
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident?sysparm_query=number={{incident_number}}
inputParameters:
- name: incident_number
in: query
operations:
- name: get-incident-full
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
inputParameters:
- name: DD-APPLICATION-KEY
in: header
value: $secrets.datadog_app_key
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0/sites
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: files
path: /{{site_id}}/drive/root:/{{file_path}}:/content
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Handles network security incidents by detecting threats, isolating affected segments, and documenting response.
naftiko: '0.5'
info:
label: Network Security Incident Orchestrator
description: Handles network security incidents by detecting threats, isolating affected segments, and documenting response.
tags:
- security
- network
- servicenow
capability:
exposes:
- type: mcp
namespace: security
port: 8080
tools:
- name: run-network-security-incident-orchestrator
description: Handles network security incidents by detecting threats, isolating affected segments, and documenting response.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Network Security Incident Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
On detection of a network outage signal, fetches affected cell site status from Ericsson ENM, checks Datadog for correlated metrics, opens a ServiceNow P1 incident, and alerts the NOC channel in Microsoft Teams.
naftiko: '0.5'
info:
label: Network Outage Triage Orchestrator
description: On detection of a network outage signal, fetches affected cell site status from Ericsson ENM, checks Datadog for correlated metrics, opens a ServiceNow P1 incident, and alerts the NOC channel in Microsoft Teams.
tags:
- network-ops
- incident-management
- ericsson
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: network-triage
port: 8080
tools:
- name: triage-network-outage
description: Given an affected cell site ID and outage description, pull site status, check monitoring metrics, open a P1 incident, and notify the NOC team.
inputParameters:
- name: site_id
in: body
type: string
description: The affected cell site identifier.
- name: outage_description
in: body
type: string
description: A brief description of the detected outage symptoms.
- name: severity
in: body
type: string
description: Outage severity level (P1, P2, P3).
steps:
- name: get-site-status
type: call
call: ericsson.get-site
with:
site_id: '{{site_id}}'
- name: get-site-metrics
type: call
call: datadog.query-metrics
with:
query: avg:network.cell.availability{site_id:{{site_id}}}
from: last_1h
- name: open-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Network Outage: Site {{site_id}} — {{outage_description}}'
urgency: '1'
impact: '1'
category: network
assigned_group: NOC_Tier2
description: 'Site {{site_id}} reported outage. Status: {{get-site-status.operational_status}}. Availability metric: {{get-site-metrics.avg_latency_ms}}. Severity: {{severity}}.'
- name: notify-noc
type: call
call: msteams.post-channel
with:
team_id: noc-operations
channel_id: critical-alerts
text: 'P1 NETWORK OUTAGE — Site {{site_id}}: {{outage_description}}. Incident {{open-incident.number}} opened. Site status: {{get-site-status.operational_status}}. Alarms: {{get-site-status.active_alarms}}.'
consumes:
- type: http
namespace: ericsson
baseUri: https://enm.tmobile-network.com/oss/api/v1
authentication:
type: bearer
token: $secrets.ericsson_enm_token
resources:
- name: managed-elements
path: /managed-elements/{{site_id}}
inputParameters:
- name: site_id
in: path
operations:
- name: get-site
method: GET
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apiKey
key: $secrets.datadog_api_key
inputParameters:
- name: DD-APPLICATION-KEY
in: header
value: $secrets.datadog_app_key
resources:
- name: metrics
path: /query
operations:
- name: query-metrics
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Generates a wholesale MVNO partner usage report by pulling usage data from the billing platform, enriching with partner details from Salesforce, and sending the report via email through Adobe Campaign.
naftiko: '0.5'
info:
label: Wholesale Partner Usage Report Orchestrator
description: Generates a wholesale MVNO partner usage report by pulling usage data from the billing platform, enriching with partner details from Salesforce, and sending the report via email through Adobe Campaign.
tags:
- wholesale
- billing
- oracle-e-business-suite
- salesforce
- adobe-campaign
capability:
exposes:
- type: mcp
namespace: wholesale-reporting
port: 8080
tools:
- name: generate-partner-usage-report
description: Given a partner ID and billing period, pull usage data, enrich with partner details, and email the report.
inputParameters:
- name: partner_id
in: body
type: string
description: The Salesforce wholesale partner account ID.
- name: billing_period
in: body
type: string
description: The billing period in YYYY-MM format.
steps:
- name: get-partner
type: call
call: salesforce.get-partner-account
with:
partner_id: '{{partner_id}}'
- name: get-usage
type: call
call: oracle-ebs.get-partner-usage
with:
partner_code: '{{get-partner.Partner_Code__c}}'
period: '{{billing_period}}'
- name: send-report
type: call
call: adobe-campaign.trigger-message
with:
template: wholesale_usage_report
email: '{{get-partner.Billing_Contact_Email__c}}'
params:
partner_name: '{{get-partner.Name}}'
period: '{{billing_period}}'
total_lines: '{{get-usage.active_lines}}'
data_usage_gb: '{{get-usage.total_data_gb}}'
voice_minutes: '{{get-usage.total_voice_minutes}}'
total_amount: '{{get-usage.total_amount}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: partner-accounts
path: /sobjects/Partner_Account__c/{{partner_id}}
inputParameters:
- name: partner_id
in: path
operations:
- name: get-partner-account
method: GET
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/wholesale/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: partner-usage
path: /usage?partner={{partner_code}}&period={{period}}
inputParameters:
- name: partner_code
in: query
- name: period
in: query
operations:
- name: get-partner-usage
method: GET
- type: http
namespace: adobe-campaign
baseUri: https://mc.adobe.io/tmobile/campaign/v1
authentication:
type: bearer
token: $secrets.adobe_campaign_token
inputParameters:
- name: x-api-key
in: header
value: $secrets.adobe_api_key
resources:
- name: transactional-messages
path: /messageCenter/{{template}}/send
inputParameters:
- name: template
in: path
operations:
- name: trigger-message
method: POST
Pulls a traffic summary from Google Analytics for t-mobile.com, returning sessions, bounce rate, and top pages for a given date range.
naftiko: '0.5'
info:
label: Google Analytics Traffic Snapshot
description: Pulls a traffic summary from Google Analytics for t-mobile.com, returning sessions, bounce rate, and top pages for a given date range.
tags:
- analytics
- google-analytics
- marketing
capability:
exposes:
- type: mcp
namespace: web-analytics
port: 8080
tools:
- name: get-traffic-snapshot
description: Retrieve a Google Analytics traffic summary for a given date range. Returns total sessions, unique users, bounce rate, and top landing pages.
inputParameters:
- name: start_date
in: body
type: string
description: Start date in YYYY-MM-DD format.
- name: end_date
in: body
type: string
description: End date in YYYY-MM-DD format.
call: google-analytics.run-report
with:
property_id: properties/123456789
start_date: '{{start_date}}'
end_date: '{{end_date}}'
outputParameters:
- name: total_sessions
type: integer
mapping: $.rows[0].metricValues[0].value
- name: bounce_rate
type: number
mapping: $.rows[0].metricValues[1].value
consumes:
- type: http
namespace: google-analytics
baseUri: https://analyticsdata.googleapis.com/v1beta
authentication:
type: bearer
token: $secrets.google_analytics_token
resources:
- name: reports
path: /{{property_id}}:runReport
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
Plans infrastructure capacity by analyzing utilization trends, modeling growth, and generating procurement requests.
naftiko: '0.5'
info:
label: Infrastructure Capacity Planning Orchestrator
description: Plans infrastructure capacity by analyzing utilization trends, modeling growth, and generating procurement requests.
tags:
- infrastructure
- planning
- finance
capability:
exposes:
- type: mcp
namespace: infrastructure
port: 8080
tools:
- name: run-infrastructure-capacity-planning-orchestrator
description: Plans infrastructure capacity by analyzing utilization trends, modeling growth, and generating procurement requests.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Infrastructure Capacity Planning Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
For a compliance audit, pulls Azure AD sign-in logs, correlates with ServiceNow access requests, and generates an audit document in SharePoint for the compliance team.
naftiko: '0.5'
info:
label: Compliance Audit Trail Orchestrator
description: For a compliance audit, pulls Azure AD sign-in logs, correlates with ServiceNow access requests, and generates an audit document in SharePoint for the compliance team.
tags:
- compliance
- security
- azure-active-directory
- servicenow
- sharepoint
capability:
exposes:
- type: mcp
namespace: compliance-audit
port: 8080
tools:
- name: generate-audit-trail
description: Given a user UPN and date range, pull sign-in logs, correlate with access requests, and create an audit document.
inputParameters:
- name: user_upn
in: body
type: string
description: The user's Azure AD User Principal Name.
- name: start_date
in: body
type: string
description: Audit start date in YYYY-MM-DD format.
- name: end_date
in: body
type: string
description: Audit end date in YYYY-MM-DD format.
steps:
- name: get-sign-ins
type: call
call: azuread.get-sign-in-logs
with:
user_upn: '{{user_upn}}'
start_date: '{{start_date}}'
end_date: '{{end_date}}'
- name: get-access-requests
type: call
call: servicenow.get-access-requests
with:
user: '{{user_upn}}'
start_date: '{{start_date}}'
end_date: '{{end_date}}'
- name: create-audit-doc
type: call
call: sharepoint.create-file
with:
site_id: compliance_audits
file_path: Audits/{{user_upn}}_{{start_date}}_{{end_date}}.md
content: '# Access Audit: {{user_upn}}
Period: {{start_date}} to {{end_date}}
## Sign-In Activity
Total sign-ins: {{get-sign-ins.total_count}}. Unique locations: {{get-sign-ins.location_count}}. Failed attempts: {{get-sign-ins.failure_count}}.
## Access Requests
Total requests: {{get-access-requests.total_count}}. Approved: {{get-access-requests.approved_count}}.'
consumes:
- type: http
namespace: azuread
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: sign-in-logs
path: /auditLogs/signIns?$filter=userPrincipalName eq '{{user_upn}}' and createdDateTime ge {{start_date}} and createdDateTime le {{end_date}}
inputParameters:
- name: user_upn
in: query
- name: start_date
in: query
- name: end_date
in: query
operations:
- name: get-sign-in-logs
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: access-requests
path: /table/sc_request?sysparm_query=requested_for.email={{user}}&opened_atBETWEEN{{start_date}}@{{end_date}}
inputParameters:
- name: user
in: query
- name: start_date
in: query
- name: end_date
in: query
operations:
- name: get-access-requests
method: GET
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0/sites
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: files
path: /{{site_id}}/drive/root:/{{file_path}}:/content
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: create-file
method: PUT
Checks whether a user is a member of a specific Azure Active Directory group, used by T-Mobile IT for access verification and compliance checks.
naftiko: '0.5'
info:
label: Azure AD Group Membership Check
description: Checks whether a user is a member of a specific Azure Active Directory group, used by T-Mobile IT for access verification and compliance checks.
tags:
- security
- azure-active-directory
capability:
exposes:
- type: mcp
namespace: identity-access
port: 8080
tools:
- name: check-group-membership
description: Check if a user (by UPN) is a member of an Azure AD security group. Returns membership status and group details.
inputParameters:
- name: user_upn
in: body
type: string
description: The user's Azure AD User Principal Name (email).
- name: group_id
in: body
type: string
description: The Azure AD group object ID.
call: azuread.check-member
with:
user_upn: '{{user_upn}}'
group_id: '{{group_id}}'
outputParameters:
- name: is_member
type: boolean
mapping: $.value
consumes:
- type: http
namespace: azuread
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: group-members
path: /groups/{{group_id}}/members?$filter=userPrincipalName eq '{{user_upn}}'
inputParameters:
- name: group_id
in: path
- name: user_upn
in: query
operations:
- name: check-member
method: GET
Evaluates marketing campaign performance by aggregating metrics across channels and generating ROI reports.
naftiko: '0.5'
info:
label: Marketing Campaign Performance Orchestrator
description: Evaluates marketing campaign performance by aggregating metrics across channels and generating ROI reports.
tags:
- marketing
- analytics
- finance
capability:
exposes:
- type: mcp
namespace: marketing
port: 8080
tools:
- name: run-marketing-campaign-performance-orchestrator
description: Evaluates marketing campaign performance by aggregating metrics across channels and generating ROI reports.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Marketing Campaign Performance Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Sends a message to a Microsoft Teams channel.
naftiko: '0.5'
info:
label: Microsoft Teams Message Sender
description: Sends a message to a Microsoft Teams channel.
tags:
- communications
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: communications
port: 8080
tools:
- name: get-microsoft
description: Sends a message to a Microsoft Teams channel.
inputParameters:
- name: entity_id
in: body
type: string
description: The microsoft teams message sender identifier.
call: communications-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: communications-api
baseUri: https://api.t-mobile.com/communications/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: microsoft
path: /microsoft/teams/message/sender/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-microsoft
method: GET
Generates quarterly business reviews by aggregating KPIs from multiple systems, creating presentations, and distributing to stakeholders.
naftiko: '0.5'
info:
label: Quarterly Business Review Orchestrator
description: Generates quarterly business reviews by aggregating KPIs from multiple systems, creating presentations, and distributing to stakeholders.
tags:
- analytics
- business
- sharepoint
capability:
exposes:
- type: mcp
namespace: analytics
port: 8080
tools:
- name: run-quarterly-business-review-orchestrator
description: Generates quarterly business reviews by aggregating KPIs from multiple systems, creating presentations, and distributing to stakeholders.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Quarterly Business Review Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Aggregates retail store performance by pulling sales data from Salesforce, foot traffic from Google Analytics, and inventory levels from SAP, then posts a daily summary to the retail ops Teams channel.
naftiko: '0.5'
info:
label: Retail Store Performance Dashboard Orchestrator
description: Aggregates retail store performance by pulling sales data from Salesforce, foot traffic from Google Analytics, and inventory levels from SAP, then posts a daily summary to the retail ops Teams channel.
tags:
- retail
- sales
- salesforce
- google-analytics
- sap
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: retail-performance
port: 8080
tools:
- name: generate-store-dashboard
description: Given a store code and date, aggregate sales, traffic, and inventory metrics and post a performance summary to Teams.
inputParameters:
- name: store_code
in: body
type: string
description: The T-Mobile retail store code.
- name: report_date
in: body
type: string
description: The report date in YYYY-MM-DD format.
steps:
- name: get-sales-data
type: call
call: salesforce.get-store-sales
with:
store_code: '{{store_code}}'
date: '{{report_date}}'
- name: get-traffic
type: call
call: google-analytics.run-report
with:
property_id: properties/123456789
store_filter: '{{store_code}}'
start_date: '{{report_date}}'
end_date: '{{report_date}}'
- name: get-inventory-snapshot
type: call
call: sap.get-plant-inventory
with:
plant: '{{store_code}}'
- name: post-dashboard
type: call
call: msteams.post-channel
with:
team_id: retail-operations
channel_id: daily-dashboards
text: 'Store {{store_code}} — {{report_date}}: Activations: {{get-sales-data.activation_count}}, Upgrades: {{get-sales-data.upgrade_count}}, Revenue: ${{get-sales-data.total_revenue}}. Walk-ins: {{get-traffic.total_sessions}}. Top device in stock: {{get-inventory-snapshot.top_sku}} ({{get-inventory-snapshot.top_sku_qty}} units).'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: store-sales
path: /query?q=SELECT+Activation_Count__c,Upgrade_Count__c,Total_Revenue__c+FROM+Store_Sales__c+WHERE+Store_Code__c='{{store_code}}'+AND+Sale_Date__c={{date}}
inputParameters:
- name: store_code
in: query
- name: date
in: query
operations:
- name: get-store-sales
method: GET
- type: http
namespace: google-analytics
baseUri: https://analyticsdata.googleapis.com/v1beta
authentication:
type: bearer
token: $secrets.google_analytics_token
resources:
- name: reports
path: /{{property_id}}:runReport
inputParameters:
- name: property_id
in: path
operations:
- name: run-report
method: POST
- type: http
namespace: sap
baseUri: https://tmobile-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
resources:
- name: plant-inventory
path: /A_MatlStkInAcctMod?$filter=Plant eq '{{plant}}'
inputParameters:
- name: plant
in: query
operations:
- name: get-plant-inventory
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves the running configuration from a Cisco network device via the Cisco DNA Center API, used by T-Mobile network engineering for config audit and backup.
naftiko: '0.5'
info:
label: Cisco Network Device Config Backup
description: Retrieves the running configuration from a Cisco network device via the Cisco DNA Center API, used by T-Mobile network engineering for config audit and backup.
tags:
- network-ops
- cisco
capability:
exposes:
- type: mcp
namespace: network-config
port: 8080
tools:
- name: get-device-config
description: Retrieve the running configuration for a Cisco network device by device ID from Cisco DNA Center.
inputParameters:
- name: device_id
in: body
type: string
description: The Cisco DNA Center device UUID.
call: cisco-dnac.get-config
with:
device_id: '{{device_id}}'
outputParameters:
- name: running_config
type: string
mapping: $.response[0].runningConfig
- name: hostname
type: string
mapping: $.response[0].hostname
consumes:
- type: http
namespace: cisco-dnac
baseUri: https://dnac.tmobile-network.com/dna/intent/api/v1
authentication:
type: bearer
token: $secrets.cisco_dnac_token
resources:
- name: device-configs
path: /network-device/{{device_id}}/config
inputParameters:
- name: device_id
in: path
operations:
- name: get-config
method: GET
Conducts security audits by scanning systems, documenting findings in ServiceNow, and tracking remediation.
naftiko: '0.5'
info:
label: Security Audit Orchestrator
description: Conducts security audits by scanning systems, documenting findings in ServiceNow, and tracking remediation.
tags:
- security
- servicenow
- compliance
capability:
exposes:
- type: mcp
namespace: security
port: 8080
tools:
- name: run-security-audit-orchestrator
description: Conducts security audits by scanning systems, documenting findings in ServiceNow, and tracking remediation.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Security Audit Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Manages vendor contract renewals by reviewing terms, routing for legal approval, and executing via DocuSign.
naftiko: '0.5'
info:
label: Vendor Contract Renewal Pipeline
description: Manages vendor contract renewals by reviewing terms, routing for legal approval, and executing via DocuSign.
tags:
- procurement
- legal
- docusign
capability:
exposes:
- type: mcp
namespace: procurement
port: 8080
tools:
- name: run-vendor-contract-renewal-pipeline
description: Manages vendor contract renewals by reviewing terms, routing for legal approval, and executing via DocuSign.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Vendor Contract Renewal Pipeline for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Queries a Palo Alto Networks firewall rule by name, logs the audit result in ServiceNow as a compliance record, and notifies the security team in Teams.
naftiko: '0.5'
info:
label: Firewall Rule Audit and Compliance Log
description: Queries a Palo Alto Networks firewall rule by name, logs the audit result in ServiceNow as a compliance record, and notifies the security team in Teams.
tags:
- security
- compliance
- palo-alto-networks
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: firewall-ops
port: 8080
tools:
- name: audit-firewall-rule
description: Look up a firewall rule, log the audit finding in ServiceNow, and notify the security compliance team.
inputParameters:
- name: rule_name
in: body
type: string
description: The firewall security rule name.
- name: audit_reason
in: body
type: string
description: The reason for the audit (periodic_review, incident, change_request).
steps:
- name: get-rule
type: call
call: paloalto.get-rule
with:
rule_name: '{{rule_name}}'
- name: log-audit
type: call
call: servicenow.create-task
with:
short_description: 'Firewall Rule Audit: {{rule_name}}'
category: security_audit
assigned_group: Security_Compliance
description: 'Rule: {{rule_name}}. Action: {{get-rule.action}}. Source zones: {{get-rule.source_zone}}. Dest zones: {{get-rule.destination_zone}}. Audit reason: {{audit_reason}}.'
- name: notify-security
type: call
call: msteams.post-channel
with:
team_id: security-compliance
channel_id: firewall-audits
text: 'Firewall Audit — Rule: {{rule_name}}. Action: {{get-rule.action}}. Reason: {{audit_reason}}. Task: {{log-audit.number}}.'
consumes:
- type: http
namespace: paloalto
baseUri: https://panorama.tmobile-security.com/restapi/v10.2
authentication:
type: apiKey
key: $secrets.paloalto_api_key
resources:
- name: security-rules
path: /Policies/SecurityRules?name={{rule_name}}
inputParameters:
- name: rule_name
in: query
operations:
- name: get-rule
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/task
operations:
- name: create-task
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Queries Dynatrace for the health status of a named service, and if the service is degraded opens a ServiceNow incident and notifies the platform team in Microsoft Teams.
naftiko: '0.5'
info:
label: Service Health Check and Incident Creator
description: Queries Dynatrace for the health status of a named service, and if the service is degraded opens a ServiceNow incident and notifies the platform team in Microsoft Teams.
tags:
- monitoring
- dynatrace
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: apm-monitoring
port: 8080
tools:
- name: check-service-health
description: Check a Dynatrace service by name, open a ServiceNow incident if degraded, and notify the platform team in Teams.
inputParameters:
- name: service_name
in: body
type: string
description: The Dynatrace service display name (e.g., tmobile-app-gateway).
steps:
- name: get-service
type: call
call: dynatrace.get-service
with:
service_name: '{{service_name}}'
- name: open-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Service Degradation: {{service_name}} — {{get-service.health_status}}'
category: application
assigned_group: Platform_Engineering
description: 'Service {{service_name}} health: {{get-service.health_status}}. Response time: {{get-service.response_time_ms}}ms. Failure rate: {{get-service.failure_rate}}%.'
- name: notify-team
type: call
call: msteams.post-channel
with:
team_id: platform-engineering
channel_id: service-alerts
text: 'Service Alert — {{service_name}}: Status: {{get-service.health_status}}. Response time: {{get-service.response_time_ms}}ms. Failure rate: {{get-service.failure_rate}}%. Incident: {{open-incident.number}}.'
consumes:
- type: http
namespace: dynatrace
baseUri: https://tmobile.live.dynatrace.com/api/v2
authentication:
type: bearer
token: $secrets.dynatrace_token
resources:
- name: entities
path: /entities?entitySelector=type(SERVICE),entityName({{service_name}})
inputParameters:
- name: service_name
in: query
operations:
- name: get-service
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Queries SolarWinds Orion for a network node's health, and if CPU or memory exceeds thresholds creates a ServiceNow incident and alerts the network engineering team in Teams.
naftiko: '0.5'
info:
label: Node Health Check and Escalation
description: Queries SolarWinds Orion for a network node's health, and if CPU or memory exceeds thresholds creates a ServiceNow incident and alerts the network engineering team in Teams.
tags:
- monitoring
- solarwinds
- network-ops
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: node-monitoring
port: 8080
tools:
- name: check-and-escalate-node
description: Check a SolarWinds node by hostname, create a ServiceNow incident if degraded, and notify the network engineering team.
inputParameters:
- name: hostname
in: body
type: string
description: The network device hostname as registered in SolarWinds.
steps:
- name: get-node
type: call
call: solarwinds.get-node
with:
hostname: '{{hostname}}'
- name: create-incident
type: call
call: servicenow.create-incident
with:
short_description: 'Node Health Alert: {{hostname}} — CPU: {{get-node.cpu_load}}%, Memory: {{get-node.memory_used_pct}}%'
category: network
assigned_group: Network_Engineering
description: 'Node {{hostname}} status: {{get-node.status}}. CPU load: {{get-node.cpu_load}}%. Memory used: {{get-node.memory_used_pct}}%.'
- name: notify-team
type: call
call: msteams.post-channel
with:
team_id: network-engineering
channel_id: node-alerts
text: 'Node Alert — {{hostname}}: Status: {{get-node.status}}. CPU: {{get-node.cpu_load}}%. Memory: {{get-node.memory_used_pct}}%. Incident: {{create-incident.number}}.'
consumes:
- type: http
namespace: solarwinds
baseUri: https://solarwinds.tmobile-network.com:17778/SolarWinds/InformationService/v3/Json
authentication:
type: basic
username: $secrets.solarwinds_user
password: $secrets.solarwinds_password
resources:
- name: nodes
path: /Query?query=SELECT+Status,CPULoad,PercentMemoryUsed+FROM+Orion.Nodes+WHERE+Caption='{{hostname}}'
inputParameters:
- name: hostname
in: query
operations:
- name: get-node
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Generates a quarterly business review package for an enterprise customer by pulling the account from Salesforce, usage from Oracle EBS, open tickets from ServiceNow, and posting the summary to the account team channel.
naftiko: '0.5'
info:
label: Enterprise Account Review Orchestrator
description: Generates a quarterly business review package for an enterprise customer by pulling the account from Salesforce, usage from Oracle EBS, open tickets from ServiceNow, and posting the summary to the account team channel.
tags:
- sales
- enterprise
- salesforce
- oracle-e-business-suite
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: enterprise-reviews
port: 8080
tools:
- name: generate-qbr-package
description: Given an enterprise account ID and review quarter, compile account health, usage, and support metrics into a QBR summary.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce enterprise account ID.
- name: quarter
in: body
type: string
description: The review quarter (e.g., 2026-Q1).
steps:
- name: get-account
type: call
call: salesforce.get-enterprise-account
with:
account_id: '{{account_id}}'
- name: get-usage
type: call
call: oracle-ebs.get-enterprise-usage
with:
customer_number: '{{get-account.Customer_Number__c}}'
quarter: '{{quarter}}'
- name: get-tickets
type: call
call: servicenow.get-account-tickets
with:
account_id: '{{account_id}}'
quarter: '{{quarter}}'
- name: post-qbr
type: call
call: msteams.post-channel
with:
team_id: enterprise-sales
channel_id: qbr-packages
text: 'QBR Ready — {{get-account.Name}} ({{quarter}}): Lines: {{get-usage.active_lines}}. MRC: ${{get-usage.monthly_recurring}}. Data usage: {{get-usage.data_gb}} GB avg/mo. Open tickets: {{get-tickets.open_count}}. SLA met: {{get-tickets.sla_pct}}%.'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: enterprise-accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-enterprise-account
method: GET
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/enterprise/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: enterprise-usage
path: /usage?customer={{customer_number}}&quarter={{quarter}}
inputParameters:
- name: customer_number
in: query
- name: quarter
in: query
operations:
- name: get-enterprise-usage
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: account-tickets
path: /table/incident?sysparm_query=account={{account_id}}&opened_atON{{quarter}}
inputParameters:
- name: account_id
in: query
- name: quarter
in: query
operations:
- name: get-account-tickets
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Manages device lifecycle from procurement through deployment and retirement.
naftiko: '0.5'
info:
label: Device Lifecycle Orchestrator
description: Manages device lifecycle from procurement through deployment and retirement.
tags:
- device-management
- procurement
- operations
capability:
exposes:
- type: mcp
namespace: device-management
port: 8080
tools:
- name: run-device-lifecycle-orchestrator
description: Manages device lifecycle from procurement through deployment and retirement.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Device Lifecycle Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Refreshes the knowledge base by identifying outdated articles, routing for review, and publishing updates.
naftiko: '0.5'
info:
label: Knowledge Base Refresh Orchestrator
description: Refreshes the knowledge base by identifying outdated articles, routing for review, and publishing updates.
tags:
- knowledge-management
- collaboration
- operations
capability:
exposes:
- type: mcp
namespace: knowledge-management
port: 8080
tools:
- name: run-knowledge-base-refresh-orchestrator
description: Refreshes the knowledge base by identifying outdated articles, routing for review, and publishing updates.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Knowledge Base Refresh Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Creates a new incident in ServiceNow.
naftiko: '0.5'
info:
label: ServiceNow Incident Creator
description: Creates a new incident in ServiceNow.
tags:
- it
- servicenow
capability:
exposes:
- type: mcp
namespace: it
port: 8080
tools:
- name: get-servicenow
description: Creates a new incident in ServiceNow.
inputParameters:
- name: entity_id
in: body
type: string
description: The servicenow incident creator identifier.
call: it-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: it-api
baseUri: https://api.t-mobile.com/it/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: servicenow
path: /servicenow/incident/creator/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-servicenow
method: GET
Manages IT changes by reviewing requests, scheduling implementation windows, and notifying affected teams.
naftiko: '0.5'
info:
label: IT Change Management Orchestrator
description: Manages IT changes by reviewing requests, scheduling implementation windows, and notifying affected teams.
tags:
- it
- servicenow
- operations
capability:
exposes:
- type: mcp
namespace: it
port: 8080
tools:
- name: run-it-change-management-orchestrator
description: Manages IT changes by reviewing requests, scheduling implementation windows, and notifying affected teams.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed IT Change Management Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Generates marketing copy using OpenAI GPT, reviews it against brand guidelines stored in SharePoint, and posts the draft to the marketing team's Teams channel for approval.
naftiko: '0.5'
info:
label: OpenAI Content Generation for Marketing
description: Generates marketing copy using OpenAI GPT, reviews it against brand guidelines stored in SharePoint, and posts the draft to the marketing team's Teams channel for approval.
tags:
- marketing
- content
- openai
- sharepoint
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: content-generation
port: 8080
tools:
- name: generate-marketing-copy
description: Given a campaign brief, generate marketing copy with AI, cross-reference brand guidelines, and share for review.
inputParameters:
- name: campaign_brief
in: body
type: string
description: A description of the campaign and target audience.
- name: content_type
in: body
type: string
description: The type of content (email, social_post, landing_page, sms).
- name: tone
in: body
type: string
description: Desired tone (bold, friendly, professional, urgent).
steps:
- name: generate-copy
type: call
call: openai.create-completion
with:
model: gpt-4
prompt: 'Write T-Mobile {{content_type}} copy. Brief: {{campaign_brief}}. Tone: {{tone}}. Brand voice: bold, confident, customer-first. Include a clear call to action.'
- name: get-guidelines
type: call
call: sharepoint.get-file
with:
site_id: marketing_brand
file_path: Guidelines/brand-voice-guide.md
- name: post-for-review
type: call
call: msteams.post-channel
with:
team_id: marketing
channel_id: content-review
text: 'AI-Generated {{content_type}} Draft for Review:
Brief: {{campaign_brief}}
Tone: {{tone}}
Generated Copy:
{{generate-copy.text}}
Please review against brand guidelines and approve or suggest edits.'
consumes:
- type: http
namespace: openai
baseUri: https://api.openai.com/v1
authentication:
type: bearer
token: $secrets.openai_api_key
resources:
- name: completions
path: /chat/completions
operations:
- name: create-completion
method: POST
- type: http
namespace: sharepoint
baseUri: https://graph.microsoft.com/v1.0/sites
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: files
path: /{{site_id}}/drive/root:/{{file_path}}:/content
inputParameters:
- name: site_id
in: path
- name: file_path
in: path
operations:
- name: get-file
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves a New Relic APM application summary, correlates with Dynatrace service data for the same application, and posts a combined health report to the SRE Teams channel.
naftiko: '0.5'
info:
label: Application Performance Cross-Check
description: Retrieves a New Relic APM application summary, correlates with Dynatrace service data for the same application, and posts a combined health report to the SRE Teams channel.
tags:
- monitoring
- new-relic
- dynatrace
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: apm-crosscheck
port: 8080
tools:
- name: cross-check-app-health
description: Pull application metrics from both New Relic and Dynatrace and post a correlated health summary to the SRE team.
inputParameters:
- name: app_name
in: body
type: string
description: The application name as registered in both APM platforms.
steps:
- name: get-newrelic-data
type: call
call: newrelic.get-application
with:
app_name: '{{app_name}}'
- name: get-dynatrace-data
type: call
call: dynatrace.get-service
with:
service_name: '{{app_name}}'
- name: post-report
type: call
call: msteams.post-channel
with:
team_id: sre-team
channel_id: app-health
text: 'App Health Cross-Check — {{app_name}}: New Relic: Response {{get-newrelic-data.response_time}}ms, Error rate {{get-newrelic-data.error_rate}}%, Throughput {{get-newrelic-data.throughput}} rpm. Dynatrace: Status {{get-dynatrace-data.health_status}}, Response {{get-dynatrace-data.response_time_ms}}ms, Failure {{get-dynatrace-data.failure_rate}}%.'
consumes:
- type: http
namespace: newrelic
baseUri: https://api.newrelic.com/v2
authentication:
type: apiKey
key: $secrets.newrelic_api_key
resources:
- name: applications
path: /applications.json?filter[name]={{app_name}}
inputParameters:
- name: app_name
in: query
operations:
- name: get-application
method: GET
- type: http
namespace: dynatrace
baseUri: https://tmobile.live.dynatrace.com/api/v2
authentication:
type: bearer
token: $secrets.dynatrace_token
resources:
- name: entities
path: /entities?entitySelector=type(SERVICE),entityName({{service_name}})
inputParameters:
- name: service_name
in: query
operations:
- name: get-service
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Manages API lifecycle by versioning, deprecating old endpoints, notifying consumers, and updating documentation.
naftiko: '0.5'
info:
label: API Lifecycle Management Orchestrator
description: Manages API lifecycle by versioning, deprecating old endpoints, notifying consumers, and updating documentation.
tags:
- engineering
- api
- operations
capability:
exposes:
- type: mcp
namespace: engineering
port: 8080
tools:
- name: run-api-lifecycle-management-orchestrator
description: Manages API lifecycle by versioning, deprecating old endpoints, notifying consumers, and updating documentation.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed API Lifecycle Management Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Retrieves the status of an AWS EC2 instance by instance ID, returning state, instance type, and availability zone for T-Mobile cloud infrastructure.
naftiko: '0.5'
info:
label: AWS EC2 Instance Status
description: Retrieves the status of an AWS EC2 instance by instance ID, returning state, instance type, and availability zone for T-Mobile cloud infrastructure.
tags:
- infrastructure
- ec2
- amazon-web-services
capability:
exposes:
- type: mcp
namespace: aws-compute
port: 8080
tools:
- name: get-ec2-status
description: Look up an EC2 instance by instance ID. Returns instance state, type, availability zone, and launch time.
inputParameters:
- name: instance_id
in: body
type: string
description: The AWS EC2 instance ID (e.g., i-0abc123def456).
call: aws-ec2.describe-instance
with:
instance_id: '{{instance_id}}'
outputParameters:
- name: state
type: string
mapping: $.Reservations[0].Instances[0].State.Name
- name: instance_type
type: string
mapping: $.Reservations[0].Instances[0].InstanceType
- name: availability_zone
type: string
mapping: $.Reservations[0].Instances[0].Placement.AvailabilityZone
consumes:
- type: http
namespace: aws-ec2
baseUri: https://ec2.us-west-2.amazonaws.com
authentication:
type: awsSigV4
accessKeyId: $secrets.aws_access_key
secretAccessKey: $secrets.aws_secret_key
region: us-west-2
service: ec2
resources:
- name: instances
path: /?Action=DescribeInstances&InstanceId.1={{instance_id}}&Version=2016-11-15
inputParameters:
- name: instance_id
in: query
operations:
- name: describe-instance
method: GET
Generates network performance reviews by aggregating metrics, identifying degradations, and distributing reports.
naftiko: '0.5'
info:
label: Network Performance Review Orchestrator
description: Generates network performance reviews by aggregating metrics, identifying degradations, and distributing reports.
tags:
- network
- analytics
- sharepoint
capability:
exposes:
- type: mcp
namespace: network
port: 8080
tools:
- name: run-network-performance-review-orchestrator
description: Generates network performance reviews by aggregating metrics, identifying degradations, and distributing reports.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Network Performance Review Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Processes a number port-in request by validating the number, creating the port order in the activation system, updating Salesforce, and notifying the customer and retail rep.
naftiko: '0.5'
info:
label: Number Porting Request Orchestrator
description: Processes a number port-in request by validating the number, creating the port order in the activation system, updating Salesforce, and notifying the customer and retail rep.
tags:
- customer-management
- porting
- salesforce
- adobe-campaign
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: number-porting
port: 8080
tools:
- name: process-port-in
description: Given a phone number, account ID, and carrier details, submit a port-in request, update CRM, and send notifications.
inputParameters:
- name: porting_number
in: body
type: string
description: The phone number being ported in E.164 format.
- name: account_id
in: body
type: string
description: The Salesforce customer account ID.
- name: losing_carrier
in: body
type: string
description: The current carrier name.
- name: account_number
in: body
type: string
description: The customer's account number with the losing carrier.
steps:
- name: submit-port-request
type: call
call: activation-api.submit-port
with:
msisdn: '{{porting_number}}'
losing_carrier: '{{losing_carrier}}'
losing_account: '{{account_number}}'
- name: get-account
type: call
call: salesforce.get-account-by-id
with:
account_id: '{{account_id}}'
- name: update-crm
type: call
call: salesforce.create-port-record
with:
account_id: '{{account_id}}'
msisdn: '{{porting_number}}'
port_order_id: '{{submit-port-request.order_id}}'
status: submitted
losing_carrier: '{{losing_carrier}}'
- name: send-confirmation
type: call
call: adobe-campaign.trigger-message
with:
template: port_in_submitted
email: '{{get-account.PersonEmail}}'
params:
customer_name: '{{get-account.Name}}'
porting_number: '{{porting_number}}'
order_id: '{{submit-port-request.order_id}}'
estimated_date: '{{submit-port-request.estimated_completion}}'
consumes:
- type: http
namespace: activation-api
baseUri: https://activation-api.tmobile-network.com/v2
authentication:
type: bearer
token: $secrets.activation_api_token
resources:
- name: port-requests
path: /port-in
operations:
- name: submit-port
method: POST
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-by-id
method: GET
- name: port-records
path: /sobjects/Port_Request__c
operations:
- name: create-port-record
method: POST
- type: http
namespace: adobe-campaign
baseUri: https://mc.adobe.io/tmobile/campaign/v1
authentication:
type: bearer
token: $secrets.adobe_campaign_token
inputParameters:
- name: x-api-key
in: header
value: $secrets.adobe_api_key
resources:
- name: transactional-messages
path: /messageCenter/{{template}}/send
inputParameters:
- name: template
in: path
operations:
- name: trigger-message
method: POST
Maps customer journeys by aggregating touchpoint data, identifying friction points, and generating improvement recommendations.
naftiko: '0.5'
info:
label: Customer Journey Mapping Orchestrator
description: Maps customer journeys by aggregating touchpoint data, identifying friction points, and generating improvement recommendations.
tags:
- customer-experience
- analytics
- product-management
capability:
exposes:
- type: mcp
namespace: customer-experience
port: 8080
tools:
- name: run-customer-journey-mapping-orchestrator
description: Maps customer journeys by aggregating touchpoint data, identifying friction points, and generating improvement recommendations.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Customer Journey Mapping Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
When a network change request is submitted in ServiceNow, validates the change window against the maintenance calendar, checks infrastructure state in Terraform, and notifies the CAB in Microsoft Teams.
naftiko: '0.5'
info:
label: Change Request Approval Pipeline
description: When a network change request is submitted in ServiceNow, validates the change window against the maintenance calendar, checks infrastructure state in Terraform, and notifies the CAB in Microsoft Teams.
tags:
- change-management
- servicenow
- terraform
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: change-management
port: 8080
tools:
- name: process-change-request
description: Given a ServiceNow change request number, validate the change window, check affected infrastructure state, and notify the Change Advisory Board.
inputParameters:
- name: change_number
in: body
type: string
description: The ServiceNow change request number (e.g., CHG0012345).
steps:
- name: get-change
type: call
call: servicenow.get-change
with:
change_number: '{{change_number}}'
- name: get-infra-state
type: call
call: terraform.get-workspace
with:
workspace_name: '{{get-change.configuration_item}}'
- name: notify-cab
type: call
call: msteams.post-channel
with:
team_id: change-advisory-board
channel_id: pending-reviews
text: 'Change Request {{change_number}}: {{get-change.short_description}}. Window: {{get-change.start_date}} to {{get-change.end_date}}. Risk: {{get-change.risk}}. Infra resources affected: {{get-infra-state.resource_count}}. Requestor: {{get-change.requested_by}}.'
consumes:
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: changes
path: /table/change_request?sysparm_query=number={{change_number}}
inputParameters:
- name: change_number
in: query
operations:
- name: get-change
method: GET
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_cloud_token
inputParameters:
- name: Content-Type
in: header
value: application/vnd.api+json
resources:
- name: workspaces
path: /organizations/t-mobile/workspaces/{{workspace_name}}
inputParameters:
- name: workspace_name
in: path
operations:
- name: get-workspace
method: GET
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
When a new lead is captured in HubSpot, enriches with ZoomInfo company data, syncs to Salesforce, and alerts the sales team in Microsoft Teams.
naftiko: '0.5'
info:
label: Marketing Lead Enrichment Pipeline
description: When a new lead is captured in HubSpot, enriches with ZoomInfo company data, syncs to Salesforce, and alerts the sales team in Microsoft Teams.
tags:
- marketing
- lead-generation
- hubspot
- zoominfo
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: lead-enrichment
port: 8080
tools:
- name: enrich-and-route-lead
description: Given a HubSpot contact ID, enrich with ZoomInfo data, create or update the Salesforce lead, and notify the assigned sales rep.
inputParameters:
- name: hubspot_contact_id
in: body
type: string
description: The HubSpot contact ID for the new lead.
steps:
- name: get-contact
type: call
call: hubspot.get-contact
with:
contact_id: '{{hubspot_contact_id}}'
- name: enrich-company
type: call
call: zoominfo.search-company
with:
company_name: '{{get-contact.company}}'
domain: '{{get-contact.website}}'
- name: create-sf-lead
type: call
call: salesforce.create-lead
with:
first_name: '{{get-contact.firstname}}'
last_name: '{{get-contact.lastname}}'
company: '{{get-contact.company}}'
email: '{{get-contact.email}}'
employee_count: '{{enrich-company.employee_count}}'
industry: '{{enrich-company.industry}}'
revenue: '{{enrich-company.revenue}}'
- name: notify-sales
type: call
call: msteams.post-channel
with:
team_id: b2b-sales
channel_id: new-leads
text: 'New Lead: {{get-contact.firstname}} {{get-contact.lastname}} at {{get-contact.company}}. Industry: {{enrich-company.industry}}. Employees: {{enrich-company.employee_count}}. Revenue: ${{enrich-company.revenue}}. SF Lead: {{create-sf-lead.id}}.'
consumes:
- type: http
namespace: hubspot
baseUri: https://api.hubapi.com/crm/v3
authentication:
type: bearer
token: $secrets.hubspot_token
resources:
- name: contacts
path: /objects/contacts/{{contact_id}}
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- type: http
namespace: zoominfo
baseUri: https://api.zoominfo.com/search
authentication:
type: bearer
token: $secrets.zoominfo_token
resources:
- name: companies
path: /company
operations:
- name: search-company
method: POST
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead
operations:
- name: create-lead
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves employee profile from Workday.
naftiko: '0.5'
info:
label: Workday Employee Profile
description: Retrieves employee profile from Workday.
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: hr
port: 8080
tools:
- name: get-workday
description: Retrieves employee profile from Workday.
inputParameters:
- name: entity_id
in: body
type: string
description: The workday employee profile identifier.
call: hr-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: hr-api
baseUri: https://api.t-mobile.com/hr/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: workday
path: /workday/employee/profile/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-workday
method: GET
Orchestrates telecom workflow 5 by coordinating across systems, validating data, and sending notifications.
naftiko: '0.5'
info:
label: Telecom Workflow 5
description: Orchestrates telecom workflow 5 by coordinating across systems, validating data, and sending notifications.
tags:
- telecom
- operations
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: telecom
port: 8080
tools:
- name: run-telecom-workflow-005
description: Orchestrates telecom workflow 5 by coordinating across systems, validating data, and sending notifications.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Telecom Workflow 5 for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Queries SAP for real-time device inventory levels at a T-Mobile retail store by store code and SKU, used by retail operations to check stock availability.
naftiko: '0.5'
info:
label: Retail Store Inventory Check
description: Queries SAP for real-time device inventory levels at a T-Mobile retail store by store code and SKU, used by retail operations to check stock availability.
tags:
- retail
- inventory
- sap
capability:
exposes:
- type: mcp
namespace: retail-inventory
port: 8080
tools:
- name: check-store-inventory
description: Look up device inventory at a T-Mobile retail store by store code and SKU. Returns quantity on hand, reserved units, and reorder status.
inputParameters:
- name: store_code
in: body
type: string
description: The T-Mobile retail store code (e.g., TMUS-SEA-0312).
- name: sku
in: body
type: string
description: The device SKU to check.
call: sap.get-inventory
with:
plant: '{{store_code}}'
material: '{{sku}}'
outputParameters:
- name: quantity_on_hand
type: integer
mapping: $.d.AvailableStock
- name: reserved_qty
type: integer
mapping: $.d.ReservedStock
- name: reorder_point
type: integer
mapping: $.d.ReorderPoint
consumes:
- type: http
namespace: sap
baseUri: https://tmobile-s4.sap.com/sap/opu/odata/sap/API_MATERIAL_STOCK_SRV
authentication:
type: basic
username: $secrets.sap_user
password: $secrets.sap_password
inputParameters:
- name: sap-client
in: header
value: '100'
resources:
- name: material-stock
path: /A_MatlStkInAcctMod(Plant='{{plant}}',Material='{{material}}')
inputParameters:
- name: plant
in: path
- name: material
in: path
operations:
- name: get-inventory
method: GET
Executes customer retention workflows by identifying at-risk subscribers, generating offers, and tracking acceptance.
naftiko: '0.5'
info:
label: Customer Retention Orchestrator
description: Executes customer retention workflows by identifying at-risk subscribers, generating offers, and tracking acceptance.
tags:
- customer-service
- analytics
- salesforce
capability:
exposes:
- type: mcp
namespace: customer-service
port: 8080
tools:
- name: run-customer-retention-orchestrator
description: Executes customer retention workflows by identifying at-risk subscribers, generating offers, and tracking acceptance.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Customer Retention Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Orchestrates telecom workflow 4 by coordinating across systems, validating data, and sending notifications.
naftiko: '0.5'
info:
label: Telecom Workflow 4
description: Orchestrates telecom workflow 4 by coordinating across systems, validating data, and sending notifications.
tags:
- telecom
- operations
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: telecom
port: 8080
tools:
- name: run-telecom-workflow-004
description: Orchestrates telecom workflow 4 by coordinating across systems, validating data, and sending notifications.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Telecom Workflow 4 for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
When a billing dispute is filed, retrieves the customer account from Salesforce, pulls invoice details from Oracle E-Business Suite, creates a ServiceNow case, and notifies the billing ops team in Teams.
naftiko: '0.5'
info:
label: Billing Dispute Resolution Orchestrator
description: When a billing dispute is filed, retrieves the customer account from Salesforce, pulls invoice details from Oracle E-Business Suite, creates a ServiceNow case, and notifies the billing ops team in Teams.
tags:
- billing
- dispute
- salesforce
- oracle-e-business-suite
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: billing-disputes
port: 8080
tools:
- name: process-billing-dispute
description: Given a customer account ID and disputed invoice number, pull account and invoice details, open a dispute case, and notify the billing team.
inputParameters:
- name: account_id
in: body
type: string
description: The Salesforce customer account ID.
- name: invoice_number
in: body
type: string
description: The disputed invoice number from Oracle EBS.
- name: dispute_reason
in: body
type: string
description: Customer-stated reason for the billing dispute.
steps:
- name: get-customer
type: call
call: salesforce.get-account-by-id
with:
account_id: '{{account_id}}'
- name: get-invoice
type: call
call: oracle-ebs.get-invoice
with:
invoice_number: '{{invoice_number}}'
- name: open-dispute-case
type: call
call: servicenow.create-case
with:
short_description: 'Billing Dispute: {{get-customer.Name}} — Invoice {{invoice_number}}'
category: billing_dispute
assigned_group: Billing_Operations
description: 'Customer: {{get-customer.Name}} ({{account_id}}). Invoice: {{invoice_number}}, Amount: ${{get-invoice.total_amount}}. Reason: {{dispute_reason}}. Due date: {{get-invoice.due_date}}.'
- name: notify-billing-team
type: call
call: msteams.post-channel
with:
team_id: billing-operations
channel_id: disputes
text: 'New Billing Dispute — {{get-customer.Name}}: Invoice {{invoice_number}} (${{get-invoice.total_amount}}). Reason: {{dispute_reason}}. Case: {{open-dispute-case.number}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-by-id
method: GET
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/ar/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: invoices
path: /invoices/{{invoice_number}}
inputParameters:
- name: invoice_number
in: path
operations:
- name: get-invoice
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: cases
path: /table/sn_customerservice_case
operations:
- name: create-case
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Collects sustainability metrics by gathering environmental data, calculating carbon footprint, and publishing ESG reports.
naftiko: '0.5'
info:
label: Sustainability Metrics Collection Orchestrator
description: Collects sustainability metrics by gathering environmental data, calculating carbon footprint, and publishing ESG reports.
tags:
- sustainability
- analytics
- compliance
capability:
exposes:
- type: mcp
namespace: sustainability
port: 8080
tools:
- name: run-sustainability-metrics-collection-orchestrator
description: Collects sustainability metrics by gathering environmental data, calculating carbon footprint, and publishing ESG reports.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Sustainability Metrics Collection Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Plans spectrum refarming by analyzing usage patterns, modeling reallocation, and coordinating tower updates.
naftiko: '0.5'
info:
label: Spectrum Refarming Orchestrator
description: Plans spectrum refarming by analyzing usage patterns, modeling reallocation, and coordinating tower updates.
tags:
- network
- spectrum
- planning
capability:
exposes:
- type: mcp
namespace: network
port: 8080
tools:
- name: run-spectrum-refarming-orchestrator
description: Plans spectrum refarming by analyzing usage patterns, modeling reallocation, and coordinating tower updates.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Spectrum Refarming Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Retrieves a T-Mobile customer account by phone number from Salesforce, pulls recent billing details from Oracle EBS, and returns a combined account and billing view.
naftiko: '0.5'
info:
label: Customer Account and Billing Summary
description: Retrieves a T-Mobile customer account by phone number from Salesforce, pulls recent billing details from Oracle EBS, and returns a combined account and billing view.
tags:
- customer-management
- billing
- salesforce
- oracle-e-business-suite
capability:
exposes:
- type: mcp
namespace: customer-account
port: 8080
tools:
- name: get-customer-account
description: Look up a T-Mobile customer account by MSISDN and retrieve associated billing summary from Oracle EBS.
inputParameters:
- name: msisdn
in: body
type: string
description: The customer mobile number (MSISDN) in E.164 format.
steps:
- name: get-account
type: call
call: salesforce.get-account
with:
msisdn: '{{msisdn}}'
- name: get-billing
type: call
call: oracle-ebs.get-billing-summary
with:
customer_number: '{{get-account.Customer_Number__c}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: accounts
path: /query?q=SELECT+Id,Account_Status__c,Rate_Plan__c,Balance_Due__c,Customer_Number__c+FROM+Account+WHERE+MSISDN__c='{{msisdn}}'
inputParameters:
- name: msisdn
in: query
operations:
- name: get-account
method: GET
- type: http
namespace: oracle-ebs
baseUri: https://ebs.tmobile-finance.com/webservices/rest/billing/v1
authentication:
type: basic
username: $secrets.oracle_ebs_user
password: $secrets.oracle_ebs_password
resources:
- name: billing-summary
path: /customers/{{customer_number}}/billing-summary
inputParameters:
- name: customer_number
in: path
operations:
- name: get-billing-summary
method: GET
Processes a device warranty claim by looking up the device in Salesforce, verifying warranty status, creating a ServiceNow case, and notifying the customer via Adobe Campaign.
naftiko: '0.5'
info:
label: Device Warranty Claim Processor
description: Processes a device warranty claim by looking up the device in Salesforce, verifying warranty status, creating a ServiceNow case, and notifying the customer via Adobe Campaign.
tags:
- customer-management
- warranty
- salesforce
- servicenow
- adobe-campaign
capability:
exposes:
- type: mcp
namespace: warranty-claims
port: 8080
tools:
- name: process-warranty-claim
description: Given a device IMEI and account ID, verify warranty eligibility, open a claim case, and send the customer a confirmation.
inputParameters:
- name: imei
in: body
type: string
description: The device IMEI number (15 digits).
- name: account_id
in: body
type: string
description: The Salesforce customer account ID.
- name: issue_description
in: body
type: string
description: Description of the device issue.
steps:
- name: get-device
type: call
call: salesforce.get-device
with:
imei: '{{imei}}'
- name: get-account
type: call
call: salesforce.get-account-by-id
with:
account_id: '{{account_id}}'
- name: create-claim
type: call
call: servicenow.create-case
with:
short_description: 'Warranty Claim: {{get-device.Device_Model__c}} — {{get-account.Name}}'
category: warranty_claim
assigned_group: Device_Support
description: 'Customer: {{get-account.Name}}. Device: {{get-device.Device_Model__c}} (IMEI: {{imei}}). Warranty expires: {{get-device.Warranty_End__c}}. Issue: {{issue_description}}.'
- name: notify-customer
type: call
call: adobe-campaign.trigger-message
with:
template: warranty_claim_received
email: '{{get-account.PersonEmail}}'
params:
customer_name: '{{get-account.Name}}'
device: '{{get-device.Device_Model__c}}'
case_number: '{{create-claim.number}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: devices
path: /query?q=SELECT+Device_Model__c,Warranty_End__c+FROM+Device__c+WHERE+IMEI__c='{{imei}}'
inputParameters:
- name: imei
in: query
operations:
- name: get-device
method: GET
- name: accounts
path: /sobjects/Account/{{account_id}}
inputParameters:
- name: account_id
in: path
operations:
- name: get-account-by-id
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: cases
path: /table/sn_customerservice_case
operations:
- name: create-case
method: POST
- type: http
namespace: adobe-campaign
baseUri: https://mc.adobe.io/tmobile/campaign/v1
authentication:
type: bearer
token: $secrets.adobe_campaign_token
inputParameters:
- name: x-api-key
in: header
value: $secrets.adobe_api_key
resources:
- name: transactional-messages
path: /messageCenter/{{template}}/send
inputParameters:
- name: template
in: path
operations:
- name: trigger-message
method: POST
Creates and schedules a customer marketing email campaign in MailChimp, logs the campaign in Salesforce, and notifies the marketing team in Teams.
naftiko: '0.5'
info:
label: Email Campaign Launcher
description: Creates and schedules a customer marketing email campaign in MailChimp, logs the campaign in Salesforce, and notifies the marketing team in Teams.
tags:
- marketing
- email
- mailchimp
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: email-campaigns
port: 8080
tools:
- name: launch-email-campaign
description: Given campaign details and a MailChimp list ID, create the campaign, log it in Salesforce, and notify the marketing channel.
inputParameters:
- name: campaign_name
in: body
type: string
description: The campaign display name.
- name: list_id
in: body
type: string
description: The MailChimp audience list ID.
- name: subject_line
in: body
type: string
description: The email subject line.
- name: send_time
in: body
type: string
description: Scheduled send time in ISO 8601 format.
steps:
- name: create-campaign
type: call
call: mailchimp.create-campaign
with:
name: '{{campaign_name}}'
list_id: '{{list_id}}'
subject_line: '{{subject_line}}'
send_time: '{{send_time}}'
- name: log-in-salesforce
type: call
call: salesforce.create-campaign
with:
name: '{{campaign_name}}'
type: Email
status: Scheduled
external_id: '{{create-campaign.id}}'
- name: notify-marketing
type: call
call: msteams.post-channel
with:
team_id: marketing
channel_id: campaigns
text: 'Email Campaign Scheduled — {{campaign_name}}: Subject: "{{subject_line}}". Send time: {{send_time}}. MailChimp ID: {{create-campaign.id}}. SF Campaign: {{log-in-salesforce.id}}.'
consumes:
- type: http
namespace: mailchimp
baseUri: https://us1.api.mailchimp.com/3.0
authentication:
type: basic
username: anystring
password: $secrets.mailchimp_api_key
resources:
- name: campaigns
path: /campaigns
operations:
- name: create-campaign
method: POST
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: campaigns
path: /sobjects/Campaign
operations:
- name: create-campaign
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
When a fraud signal is detected, pulls the subscriber profile from Salesforce, queries SIM swap history from the fraud platform, opens a security incident in ServiceNow, and alerts the fraud ops team in Teams.
naftiko: '0.5'
info:
label: Fraud Alert Investigation Pipeline
description: When a fraud signal is detected, pulls the subscriber profile from Salesforce, queries SIM swap history from the fraud platform, opens a security incident in ServiceNow, and alerts the fraud ops team in Teams.
tags:
- fraud
- security
- salesforce
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: fraud-investigation
port: 8080
tools:
- name: investigate-fraud-alert
description: Given a subscriber MSISDN and fraud alert type, pull subscriber details, check SIM swap history, open a security incident, and notify the fraud team.
inputParameters:
- name: msisdn
in: body
type: string
description: The subscriber phone number in E.164 format.
- name: alert_type
in: body
type: string
description: The type of fraud alert (sim_swap, account_takeover, device_fraud, subscription_fraud).
- name: risk_score
in: body
type: number
description: The fraud risk score (0-100).
steps:
- name: get-subscriber
type: call
call: salesforce.get-subscriber
with:
msisdn: '{{msisdn}}'
- name: get-sim-history
type: call
call: fraud-platform.get-sim-swaps
with:
msisdn: '{{msisdn}}'
- name: open-security-incident
type: call
call: servicenow.create-security-incident
with:
short_description: 'Fraud Alert: {{alert_type}} — {{msisdn}}'
category: fraud
severity: '2'
assigned_group: Fraud_Operations
description: 'MSISDN: {{msisdn}}. Alert: {{alert_type}}. Risk score: {{risk_score}}. Customer: {{get-subscriber.Name}}. SIM swaps in last 90 days: {{get-sim-history.swap_count}}. Last swap: {{get-sim-history.last_swap_date}}.'
- name: notify-fraud-team
type: call
call: msteams.post-channel
with:
team_id: fraud-operations
channel_id: alerts
text: 'FRAUD ALERT — {{alert_type}} for {{msisdn}} ({{get-subscriber.Name}}). Risk: {{risk_score}}/100. SIM swaps: {{get-sim-history.swap_count}}. Incident: {{open-security-incident.number}}.'
consumes:
- type: http
namespace: salesforce
baseUri: https://tmobile.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: subscribers
path: /query?q=SELECT+Id,Name,MSISDN__c,Account_Status__c+FROM+Subscriber__c+WHERE+MSISDN__c='{{msisdn}}'
inputParameters:
- name: msisdn
in: query
operations:
- name: get-subscriber
method: GET
- type: http
namespace: fraud-platform
baseUri: https://fraud-api.tmobile-security.com/v1
authentication:
type: bearer
token: $secrets.fraud_platform_token
resources:
- name: sim-swaps
path: /sim-swaps?msisdn={{msisdn}}&days=90
inputParameters:
- name: msisdn
in: query
operations:
- name: get-sim-swaps
method: GET
- type: http
namespace: servicenow
baseUri: https://tmobile.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: security-incidents
path: /table/sn_si_incident
operations:
- name: create-security-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Resolves billing disputes by pulling usage records, comparing with billed amounts, and processing credits.
naftiko: '0.5'
info:
label: Billing Dispute Orchestrator
description: Resolves billing disputes by pulling usage records, comparing with billed amounts, and processing credits.
tags:
- billing
- customer-service
- finance
capability:
exposes:
- type: mcp
namespace: billing
port: 8080
tools:
- name: run-billing-dispute-orchestrator
description: Resolves billing disputes by pulling usage records, comparing with billed amounts, and processing credits.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Billing Dispute Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Views spectrum band allocation details.
naftiko: '0.5'
info:
label: Spectrum Band Allocation Viewer
description: Views spectrum band allocation details.
tags:
- network
- spectrum
capability:
exposes:
- type: mcp
namespace: network
port: 8080
tools:
- name: get-spectrum
description: Views spectrum band allocation details.
inputParameters:
- name: entity_id
in: body
type: string
description: The spectrum band allocation viewer identifier.
call: network-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: network-api
baseUri: https://api.t-mobile.com/network/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: spectrum
path: /spectrum/band/allocation/viewer/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-spectrum
method: GET
Handles coverage complaints by investigating signal data, scheduling tower adjustments, and following up with customers.
naftiko: '0.5'
info:
label: Coverage Complaint Orchestrator
description: Handles coverage complaints by investigating signal data, scheduling tower adjustments, and following up with customers.
tags:
- customer-service
- network
- operations
capability:
exposes:
- type: mcp
namespace: customer-service
port: 8080
tools:
- name: run-coverage-complaint-orchestrator
description: Handles coverage complaints by investigating signal data, scheduling tower adjustments, and following up with customers.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Coverage Complaint Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Manages roaming agreements by tracking partner usage, calculating settlements, and generating invoices.
naftiko: '0.5'
info:
label: Roaming Agreement Orchestrator
description: Manages roaming agreements by tracking partner usage, calculating settlements, and generating invoices.
tags:
- partnerships
- finance
- billing
capability:
exposes:
- type: mcp
namespace: partnerships
port: 8080
tools:
- name: run-roaming-agreement-orchestrator
description: Manages roaming agreements by tracking partner usage, calculating settlements, and generating invoices.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Roaming Agreement Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Assigns a Pluralsight learning path to a team by looking up members in Workday, creating assignments in Pluralsight, and notifying the team in Microsoft Teams.
naftiko: '0.5'
info:
label: Pluralsight Learning Path Assignment
description: Assigns a Pluralsight learning path to a team by looking up members in Workday, creating assignments in Pluralsight, and notifying the team in Microsoft Teams.
tags:
- learning
- pluralsight
- workday
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: learning-management
port: 8080
tools:
- name: assign-learning-path
description: Given a Workday team ID and Pluralsight channel ID, assign the learning path to all team members and notify them.
inputParameters:
- name: team_id
in: body
type: string
description: The Workday supervisory org ID for the team.
- name: channel_id
in: body
type: string
description: The Pluralsight channel/path ID.
- name: due_date
in: body
type: string
description: Assignment due date in YYYY-MM-DD format.
steps:
- name: get-team-members
type: call
call: workday.get-team
with:
org_id: '{{team_id}}'
- name: create-assignment
type: call
call: pluralsight.assign-channel
with:
channel_id: '{{channel_id}}'
user_emails: '{{get-team-members.emails}}'
due_date: '{{due_date}}'
- name: notify-team
type: call
call: msteams.post-channel
with:
team_id: '{{team_id}}'
channel_id: general
text: 'New Learning Assignment: A Pluralsight learning path has been assigned to your team. Due by {{due_date}}. {{create-assignment.assigned_count}} team members enrolled. Start here: {{create-assignment.channel_url}}.'
consumes:
- type: http
namespace: workday
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1/tmobile
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: teams
path: /supervisoryOrganizations/{{org_id}}/workers
inputParameters:
- name: org_id
in: path
operations:
- name: get-team
method: GET
- type: http
namespace: pluralsight
baseUri: https://app.pluralsight.com/api/v1
authentication:
type: bearer
token: $secrets.pluralsight_token
resources:
- name: channel-assignments
path: /channels/{{channel_id}}/assignments
inputParameters:
- name: channel_id
in: path
operations:
- name: assign-channel
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/{{team_id}}/channels/{{channel_id}}/messages
inputParameters:
- name: team_id
in: path
- name: channel_id
in: path
operations:
- name: post-channel
method: POST
Retrieves telecom operational data for workflow 3.
naftiko: '0.5'
info:
label: Telecom Data Query 3
description: Retrieves telecom operational data for workflow 3.
tags:
- telecom
- operations
capability:
exposes:
- type: mcp
namespace: telecom
port: 8080
tools:
- name: get-data-3
description: Query telecom data for workflow 3.
inputParameters:
- name: entity_id
in: body
type: string
description: The entity identifier.
call: telecom-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: telecom-api
baseUri: https://api.t-mobile.com/telecom/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: data
path: /data/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-data-3
method: GET
Routes emergency services calls by locating the caller, identifying nearest PSAP, and forwarding with location data.
naftiko: '0.5'
info:
label: Emergency Services Routing Orchestrator
description: Routes emergency services calls by locating the caller, identifying nearest PSAP, and forwarding with location data.
tags:
- network
- emergency
- compliance
capability:
exposes:
- type: mcp
namespace: network
port: 8080
tools:
- name: run-emergency-services-routing-orchestrator
description: Routes emergency services calls by locating the caller, identifying nearest PSAP, and forwarding with location data.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Emergency Services Routing Orchestrator for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Orchestrates telecom workflow 2 by coordinating across systems, validating data, and sending notifications.
naftiko: '0.5'
info:
label: Telecom Workflow 2
description: Orchestrates telecom workflow 2 by coordinating across systems, validating data, and sending notifications.
tags:
- telecom
- operations
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: telecom
port: 8080
tools:
- name: run-telecom-workflow-002
description: Orchestrates telecom workflow 2 by coordinating across systems, validating data, and sending notifications.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Telecom Workflow 2 for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Retrieves the current Terraform Cloud workspace state for a given workspace, showing resource counts and drift status for T-Mobile cloud infrastructure.
naftiko: '0.5'
info:
label: Terraform Infrastructure State Query
description: Retrieves the current Terraform Cloud workspace state for a given workspace, showing resource counts and drift status for T-Mobile cloud infrastructure.
tags:
- infrastructure
- terraform
capability:
exposes:
- type: mcp
namespace: infra-state
port: 8080
tools:
- name: get-workspace-state
description: Query Terraform Cloud for the current state of a workspace. Returns resource count, last apply status, and any detected drift.
inputParameters:
- name: workspace_name
in: body
type: string
description: The Terraform Cloud workspace name (e.g., tmobile-5g-core-prod).
call: terraform.get-workspace
with:
workspace_name: '{{workspace_name}}'
outputParameters:
- name: resource_count
type: integer
mapping: $.data.attributes.resource-count
- name: last_apply_status
type: string
mapping: $.data.attributes.current-run.status
consumes:
- type: http
namespace: terraform
baseUri: https://app.terraform.io/api/v2
authentication:
type: bearer
token: $secrets.terraform_cloud_token
inputParameters:
- name: Content-Type
in: header
value: application/vnd.api+json
resources:
- name: workspaces
path: /organizations/t-mobile/workspaces/{{workspace_name}}
inputParameters:
- name: workspace_name
in: path
operations:
- name: get-workspace
method: GET
Orchestrates telecom workflow 1 by coordinating across systems, validating data, and sending notifications.
naftiko: '0.5'
info:
label: Telecom Workflow 1
description: Orchestrates telecom workflow 1 by coordinating across systems, validating data, and sending notifications.
tags:
- telecom
- operations
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: telecom
port: 8080
tools:
- name: run-telecom-workflow-001
description: Orchestrates telecom workflow 1 by coordinating across systems, validating data, and sending notifications.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Telecom Workflow 1 for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Triggers a Power BI dataset refresh.
naftiko: '0.5'
info:
label: Power BI Dashboard Refresher
description: Triggers a Power BI dataset refresh.
tags:
- analytics
- power-bi
capability:
exposes:
- type: mcp
namespace: analytics
port: 8080
tools:
- name: get-power
description: Triggers a Power BI dataset refresh.
inputParameters:
- name: entity_id
in: body
type: string
description: The power bi dashboard refresher identifier.
call: analytics-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: analytics-api
baseUri: https://api.t-mobile.com/analytics/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: power
path: /power/bi/dashboard/refresher/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-power
method: GET
Handles customer data privacy requests by locating records, processing deletions, and confirming compliance.
naftiko: '0.5'
info:
label: Customer Data Privacy Request Handler
description: Handles customer data privacy requests by locating records, processing deletions, and confirming compliance.
tags:
- compliance
- privacy
- customer-service
capability:
exposes:
- type: mcp
namespace: compliance
port: 8080
tools:
- name: run-customer-data-privacy-request-handler
description: Handles customer data privacy requests by locating records, processing deletions, and confirming compliance.
inputParameters:
- name: request_id
in: body
type: string
description: The unique request identifier.
steps:
- name: step-1
type: call
call: primary-api.initiate
with:
request_id: '{{request_id}}'
- name: step-2
type: call
call: secondary-api.process
with:
request_id: '{{request_id}}'
data: '{{step-1.result}}'
- name: notify
type: call
call: notification-api.send
with:
channel: operations
message: Completed Customer Data Privacy Request Handler for request {{request_id}}.
consumes:
- type: http
namespace: primary-api
baseUri: https://api.t-mobile.com/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: primary
path: /process
operations:
- name: initiate
method: POST
- type: http
namespace: secondary-api
baseUri: https://api.t-mobile.com/v2
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: secondary
path: /execute
operations:
- name: process
method: POST
- type: http
namespace: notification-api
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: messages
path: /teams/notifications
operations:
- name: send
method: POST
Retrieves a file from Google Drive.
naftiko: '0.5'
info:
label: Google Drive File Viewer
description: Retrieves a file from Google Drive.
tags:
- collaboration
- google-drive
capability:
exposes:
- type: mcp
namespace: collaboration
port: 8080
tools:
- name: get-google
description: Retrieves a file from Google Drive.
inputParameters:
- name: entity_id
in: body
type: string
description: The google drive file viewer identifier.
call: collaboration-api.get-data
with:
entity_id: '{{entity_id}}'
consumes:
- type: http
namespace: collaboration-api
baseUri: https://api.t-mobile.com/collaboration/v1
authentication:
type: bearer
token: $secrets.t_mobile_api_token
resources:
- name: google
path: /google/drive/file/viewer/{{entity_id}}
inputParameters:
- name: entity_id
in: path
operations:
- name: get-google
method: GET
When Snowflake analytics detect a self-healing opportunity, triggers automated remediation and notifies network ops.
naftiko: '0.5'
info:
label: Autonomous Network Healing Workflow
description: When Snowflake analytics detect a self-healing opportunity, triggers automated remediation and notifies network ops.
tags:
- network
- automation
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: autonomous_network_healing_workflow
description: When Snowflake analytics detect a self-healing opportunity, triggers automated remediation and notifies network ops.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Autonomous Network Healing Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Autonomous Network Healing Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
At month end, queries Oracle ERP for open accounts payable and receivable items, then creates a period-close checklist task in ServiceNow for the finance controller.
naftiko: '0.5'
info:
label: Oracle Period-Close Financial Checklist
description: At month end, queries Oracle ERP for open accounts payable and receivable items, then creates a period-close checklist task in ServiceNow for the finance controller.
tags:
- finance
- period-close
- oracle
- servicenow
- reporting
capability:
exposes:
- type: mcp
namespace: finance-period-close
port: 8080
tools:
- name: run-period-close-checklist
description: Given a fiscal period and ledger ID, fetch open AP and AR items from Oracle ERP and create a ServiceNow period-close task for the finance team.
inputParameters:
- name: fiscal_period
in: body
type: string
description: Fiscal period in YYYYMM format.
- name: ledger_id
in: body
type: string
description: Oracle General Ledger ledger ID.
- name: finance_group
in: body
type: string
description: ServiceNow assignment group for the finance controller team.
steps:
- name: get-open-ap
type: call
call: oracle-ap.get-open-invoices
with:
fiscal_period: '{{fiscal_period}}'
ledger_id: '{{ledger_id}}'
- name: create-close-task
type: call
call: servicenow-close.create-task
with:
short_description: 'Period close: {{fiscal_period}} — open AP items require review'
description: 'Oracle ERP open AP items for period {{fiscal_period}}: {{get-open-ap.count}} invoices totaling {{get-open-ap.total_amount}}. Clear before period close.'
assignment_group: '{{finance_group}}'
consumes:
- type: http
namespace: oracle-ap
baseUri: https://verizon.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05
authentication:
type: basic
username: $secrets.oracle_user
password: $secrets.oracle_password
resources:
- name: invoices
path: /invoices
operations:
- name: get-open-invoices
method: GET
- type: http
namespace: servicenow-close
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
When a Salesforce enterprise opportunity reaches Closed Won, enriches it with Oracle ERP data and creates a provisioning task in ServiceNow for the network delivery team.
naftiko: '0.5'
info:
label: Salesforce Enterprise Deal Sync
description: When a Salesforce enterprise opportunity reaches Closed Won, enriches it with Oracle ERP data and creates a provisioning task in ServiceNow for the network delivery team.
tags:
- crm
- sales
- salesforce
- oracle
- servicenow
- opportunity
capability:
exposes:
- type: mcp
namespace: crm-deal-sync
port: 8080
tools:
- name: sync-enterprise-deal
description: Given a Salesforce opportunity ID, fetch deal details, validate the customer account in Oracle ERP, and create a ServiceNow provisioning task for network delivery.
inputParameters:
- name: opportunity_id
in: body
type: string
description: The Salesforce opportunity record ID (18-character).
- name: delivery_group
in: body
type: string
description: ServiceNow assignment group for network provisioning.
steps:
- name: get-opportunity
type: call
call: salesforce.get-opportunity
with:
opportunity_id: '{{opportunity_id}}'
- name: get-oracle-customer
type: call
call: oracle-erp.get-customer
with:
account_number: '{{get-opportunity.AccountId}}'
- name: create-provisioning-task
type: call
call: servicenow-delivery.create-task
with:
short_description: 'Network provisioning: {{get-opportunity.Name}}'
description: 'New enterprise deal closed. Customer: {{get-oracle-customer.PartyName}}. Contract value: {{get-opportunity.Amount}} {{get-opportunity.CurrencyIsoCode}}. Services: {{get-opportunity.Description}}.'
assignment_group: '{{delivery_group}}'
consumes:
- type: http
namespace: salesforce
baseUri: https://verizon.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: opportunities
path: /sobjects/Opportunity/{{opportunity_id}}
inputParameters:
- name: opportunity_id
in: path
operations:
- name: get-opportunity
method: GET
- type: http
namespace: oracle-erp
baseUri: https://verizon.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05
authentication:
type: basic
username: $secrets.oracle_user
password: $secrets.oracle_password
resources:
- name: customers
path: /customers/{{account_number}}
inputParameters:
- name: account_number
in: path
operations:
- name: get-customer
method: GET
- type: http
namespace: servicenow-delivery
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
Retrieves vendor master data from Oracle ERP.
naftiko: '0.5'
info:
label: Oracle ERP Vendor Lookup
description: Retrieves vendor master data from Oracle ERP.
tags:
- procurement
- oracle
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: oracle_erp_vendor_lookup
description: Retrieves vendor master data from Oracle ERP.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-oracle
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
When a CrowdStrike detection indicates an endpoint compromise, automatically isolates the host, creates a ServiceNow P1 security incident, and notifies the CISO team via Slack.
naftiko: '0.5'
info:
label: CrowdStrike Endpoint Isolation Response
description: When a CrowdStrike detection indicates an endpoint compromise, automatically isolates the host, creates a ServiceNow P1 security incident, and notifies the CISO team via Slack.
tags:
- security
- crowdstrike
- servicenow
- slack
- endpoint-security
- incident-response
capability:
exposes:
- type: mcp
namespace: endpoint-response
port: 8080
tools:
- name: isolate-compromised-endpoint
description: Given a CrowdStrike device ID and detection ID, contain the endpoint via CrowdStrike, create a P1 security incident in ServiceNow, and alert the CISO team on Slack.
inputParameters:
- name: device_id
in: body
type: string
description: The CrowdStrike device ID to contain.
- name: detection_id
in: body
type: string
description: The CrowdStrike detection ID triggering the isolation.
- name: hostname
in: body
type: string
description: Hostname of the compromised endpoint.
steps:
- name: contain-device
type: call
call: crowdstrike-contain.contain-host
with:
device_id: '{{device_id}}'
- name: create-p1-incident
type: call
call: servicenow-endpoint.create-incident
with:
short_description: 'ENDPOINT COMPROMISE: {{hostname}} isolated via CrowdStrike'
description: CrowdStrike detection {{detection_id}} triggered automatic isolation of {{hostname}} (device {{device_id}}). Immediate investigation required.
category: security
urgency: '1'
impact: '1'
- name: alert-ciso
type: call
call: slack-ciso.post-message
with:
channel: ciso-alerts
text: 'CRITICAL: Endpoint {{hostname}} isolated. CrowdStrike detection: {{detection_id}}. ServiceNow P1: {{create-p1-incident.number}}. Immediate response required.'
consumes:
- type: http
namespace: crowdstrike-contain
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: device-actions
path: /devices/entities/devices-actions/v2
operations:
- name: contain-host
method: POST
- type: http
namespace: servicenow-endpoint
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-ciso
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Queries Snowflake for network KPIs, refreshes Power BI executive dashboard, and posts summary.
naftiko: '0.5'
info:
label: Power BI Network Executive Dashboard Refresh
description: Queries Snowflake for network KPIs, refreshes Power BI executive dashboard, and posts summary.
tags:
- reporting
- network
- snowflake
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: power_bi_network_executive_dashboard_refresh
description: Queries Snowflake for network KPIs, refreshes Power BI executive dashboard, and posts summary.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Power BI Network Executive Dashboard Refresh: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Power BI Network Executive Dashboard Refresh for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When CrowdStrike detects malware, quarantines the endpoint, creates ServiceNow incident, and alerts SOC.
naftiko: '0.5'
info:
label: CrowdStrike Endpoint Quarantine Workflow
description: When CrowdStrike detects malware, quarantines the endpoint, creates ServiceNow incident, and alerts SOC.
tags:
- security
- crowdstrike
- servicenow
- slack
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: crowdstrike_endpoint_quarantine_workflow
description: When CrowdStrike detects malware, quarantines the endpoint, creates ServiceNow incident, and alerts SOC.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'CrowdStrike Endpoint Quarantine Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'CrowdStrike Endpoint Quarantine Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Triggers the annual performance review cycle in Workday for a given department and creates tracking tasks in ServiceNow for HR business partners to monitor completion.
naftiko: '0.5'
info:
label: Workday Annual Review Cycle Kickoff
description: Triggers the annual performance review cycle in Workday for a given department and creates tracking tasks in ServiceNow for HR business partners to monitor completion.
tags:
- hr
- performance-management
- workday
- servicenow
- review-cycle
capability:
exposes:
- type: mcp
namespace: performance-review
port: 8080
tools:
- name: kickoff-review-cycle
description: Given a department ID and review deadline, trigger the annual performance review process in Workday for the department and create ServiceNow tracking tasks for HR BPs.
inputParameters:
- name: department_id
in: body
type: string
description: Workday department or organization ID.
- name: review_deadline
in: body
type: string
description: Deadline for review completion in YYYY-MM-DD format.
- name: hr_bp_group
in: body
type: string
description: ServiceNow assignment group for HR business partner tracking tasks.
steps:
- name: trigger-review
type: call
call: workday-perf.create-review-process
with:
organization_id: '{{department_id}}'
due_date: '{{review_deadline}}'
- name: create-hr-task
type: call
call: servicenow-hr.create-task
with:
short_description: Annual review cycle initiated for department {{department_id}}
description: 'Workday review process started. Process ID: {{trigger-review.process_id}}. Deadline: {{review_deadline}}. Monitor completion and follow up with managers.'
assignment_group: '{{hr_bp_group}}'
due_date: '{{review_deadline}}'
consumes:
- type: http
namespace: workday-perf
baseUri: https://wd2-impl-services1.workday.com/ccx/api/v1
authentication:
type: bearer
token: $secrets.workday_token
resources:
- name: review-processes
path: /businessProcesses
operations:
- name: create-review-process
method: POST
- type: http
namespace: servicenow-hr
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
Queries Snowflake for network latency trends by region, refreshes the Power BI network dashboard, and posts the analysis to network engineering.
naftiko: '0.5'
info:
label: Network Latency Trend Analysis
description: Queries Snowflake for network latency trends by region, refreshes the Power BI network dashboard, and posts the analysis to network engineering.
tags:
- network
- analytics
- snowflake
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: network-analytics
port: 8080
tools:
- name: analyze-latency-trends
description: Given a region and period, analyze network latency trends and post report.
inputParameters:
- name: region
type: string
description: Network region.
- name: period
type: string
description: Analysis period.
steps:
- name: get-latency-data
type: call
call: snowflake.query-latency
with:
region: '{{region}}'
period: '{{period}}'
- name: refresh-dashboard
type: call
call: powerbi.refresh-dataset
with:
dataset_id: $secrets.network_dashboard_id
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_network_eng_channel
text: 'Latency analysis {{region}} ({{period}}): p50: {{get-latency-data.p50_ms}}ms | p99: {{get-latency-data.p99_ms}}ms | Trend: {{get-latency-data.trend}} | Dashboard refreshed'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: query-latency
method: POST
- type: http
namespace: powerbi
baseUri: https://api.powerbi.com/v1.0/myorg
authentication:
type: bearer
token: $secrets.powerbi_token
resources:
- name: datasets
path: /datasets/{{dataset_id}}/refreshes
inputParameters:
- name: dataset_id
in: path
operations:
- name: refresh-dataset
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/network-eng/channels/{{channel_id}}/messages
inputParameters:
- name: channel_id
in: path
operations:
- name: post-channel-message
method: POST
When a network outage is detected, creates ServiceNow P1 incident, pages NOC on-call, and notifies leadership.
naftiko: '0.5'
info:
label: Network Outage Response Orchestration
description: When a network outage is detected, creates ServiceNow P1 incident, pages NOC on-call, and notifies leadership.
tags:
- network
- outage
- servicenow
- pagerduty
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: network_outage_response_orchestration
description: When a network outage is detected, creates ServiceNow P1 incident, pages NOC on-call, and notifies leadership.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Network Outage Response Orchestration: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Network Outage Response Orchestration for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Creates and routes a ServiceNow change request for planned network infrastructure changes through the standard CAB approval workflow.
naftiko: '0.5'
info:
label: ServiceNow Change Management Approval
description: Creates and routes a ServiceNow change request for planned network infrastructure changes through the standard CAB approval workflow.
tags:
- itsm
- change-management
- servicenow
- network
- approval
capability:
exposes:
- type: mcp
namespace: change-mgmt
port: 8080
tools:
- name: submit-network-change
description: Given a change description, risk level, and maintenance window, create a ServiceNow change request for a network infrastructure change and assign it to the CAB group.
inputParameters:
- name: change_description
in: body
type: string
description: Description of the proposed network change.
- name: risk_level
in: body
type: string
description: 'Change risk level: low, medium, high, or critical.'
- name: scheduled_start
in: body
type: string
description: Planned start datetime in ISO 8601 format.
- name: scheduled_end
in: body
type: string
description: Planned end datetime in ISO 8601 format.
- name: affected_ci
in: body
type: string
description: ServiceNow CMDB CI name for the affected network element.
call: servicenow-chg.create-change-request
with:
short_description: '{{change_description}}'
risk: '{{risk_level}}'
start_date: '{{scheduled_start}}'
end_date: '{{scheduled_end}}'
cmdb_ci: '{{affected_ci}}'
outputParameters:
- name: change_number
type: string
mapping: $.result.number
- name: sys_id
type: string
mapping: $.result.sys_id
consumes:
- type: http
namespace: servicenow-chg
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: change-requests
path: /table/change_request
operations:
- name: create-change-request
method: POST
Archives Zoom meeting recordings for compliance-designated meetings to SharePoint and creates a ServiceNow compliance record to confirm archival.
naftiko: '0.5'
info:
label: Zoom Meeting Compliance Recording Archival
description: Archives Zoom meeting recordings for compliance-designated meetings to SharePoint and creates a ServiceNow compliance record to confirm archival.
tags:
- compliance
- zoom
- sharepoint
- servicenow
- archival
capability:
exposes:
- type: mcp
namespace: meeting-compliance
port: 8080
tools:
- name: archive-compliance-recording
description: Given a Zoom meeting UUID, download the recording metadata and upload it to the compliance SharePoint library, then create a ServiceNow compliance record confirming archival.
inputParameters:
- name: meeting_uuid
in: body
type: string
description: The Zoom meeting UUID for the compliance recording.
- name: compliance_site_id
in: body
type: string
description: SharePoint site ID for the compliance recordings library.
steps:
- name: get-recording
type: call
call: zoom.get-meeting-recordings
with:
meeting_uuid: '{{meeting_uuid}}'
- name: store-to-sharepoint
type: call
call: sharepoint-compliance.upload-file
with:
site_id: '{{compliance_site_id}}'
folder_path: ComplianceRecordings/{{get-recording.start_time}}
file_name: '{{meeting_uuid}}_recording.mp4'
download_url: '{{get-recording.download_url}}'
- name: create-compliance-record
type: call
call: servicenow-compliance.create-record
with:
short_description: 'Zoom recording archived: {{meeting_uuid}}'
description: 'Meeting {{meeting_uuid}} recording archived to SharePoint at {{compliance_site_id}}. Start time: {{get-recording.start_time}}. SharePoint path: {{store-to-sharepoint.web_url}}.'
consumes:
- type: http
namespace: zoom
baseUri: https://api.zoom.us/v2
authentication:
type: bearer
token: $secrets.zoom_token
resources:
- name: meeting-recordings
path: /meetings/{{meeting_uuid}}/recordings
inputParameters:
- name: meeting_uuid
in: path
operations:
- name: get-meeting-recordings
method: GET
- type: http
namespace: sharepoint-compliance
baseUri: https://graph.microsoft.com/v1.0/sites
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: files
path: /{{site_id}}/drive/root:/{{folder_path}}/{{file_name}}:/content
inputParameters:
- name: site_id
in: path
- name: folder_path
in: path
- name: file_name
in: path
operations:
- name: upload-file
method: PUT
- type: http
namespace: servicenow-compliance
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: compliance-records
path: /table/compliance_finding
operations:
- name: create-record
method: POST
Fetches Datadog SLO compliance data for Verizon's consumer and business services and posts a weekly reliability report to the leadership Slack channel.
naftiko: '0.5'
info:
label: Datadog SLO Compliance Report
description: Fetches Datadog SLO compliance data for Verizon's consumer and business services and posts a weekly reliability report to the leadership Slack channel.
tags:
- observability
- datadog
- slack
- slo
- reporting
capability:
exposes:
- type: mcp
namespace: slo-reporting
port: 8080
tools:
- name: publish-slo-report
description: Fetch SLO compliance data from Datadog for a given timeframe and post a formatted report to the Slack leadership channel. Use for weekly or monthly reliability reporting to stakeholders.
inputParameters:
- name: slo_ids
in: body
type: string
description: Comma-separated Datadog SLO IDs to include in the report.
- name: timeframe
in: body
type: string
description: 'Reporting timeframe: 7d, 30d, or 90d.'
- name: slack_channel
in: body
type: string
description: Slack channel for the SLO report.
steps:
- name: get-slo-data
type: call
call: datadog-slo.get-slo-history
with:
ids: '{{slo_ids}}'
timeframe: '{{timeframe}}'
- name: post-report
type: call
call: slack-leadership.post-message
with:
channel: '{{slack_channel}}'
text: 'SLO Compliance Report ({{timeframe}}): {{get-slo-data.compliant_count}} compliant, {{get-slo-data.breached_count}} breached. Overall: {{get-slo-data.overall_pct}}%.'
consumes:
- type: http
namespace: datadog-slo
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: slo-history
path: /slo/history
operations:
- name: get-slo-history
method: GET
- type: http
namespace: slack-leadership
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Syncs HubSpot marketing qualified leads (MQLs) to Salesforce by creating or updating lead records and notifying the assigned sales rep via Slack.
naftiko: '0.5'
info:
label: HubSpot Lead Enrichment from Salesforce
description: Syncs HubSpot marketing qualified leads (MQLs) to Salesforce by creating or updating lead records and notifying the assigned sales rep via Slack.
tags:
- marketing
- crm
- hubspot
- salesforce
- slack
- lead-management
capability:
exposes:
- type: mcp
namespace: lead-enrichment
port: 8080
tools:
- name: sync-mql-to-salesforce
description: Given a HubSpot contact ID that has reached MQL status, create or update the corresponding lead in Salesforce and notify the assigned sales rep via Slack.
inputParameters:
- name: hubspot_contact_id
in: body
type: string
description: The HubSpot contact ID that reached MQL status.
- name: sales_rep_slack_id
in: body
type: string
description: Slack user ID of the assigned sales representative.
steps:
- name: get-contact
type: call
call: hubspot-contacts.get-contact
with:
contact_id: '{{hubspot_contact_id}}'
- name: create-sf-lead
type: call
call: salesforce-lead.create-lead
with:
FirstName: '{{get-contact.firstname}}'
LastName: '{{get-contact.lastname}}'
Email: '{{get-contact.email}}'
Company: '{{get-contact.company}}'
LeadSource: HubSpot_MQL
- name: notify-rep
type: call
call: slack-sales.post-message
with:
channel: '{{sales_rep_slack_id}}'
text: 'New MQL assigned: {{get-contact.firstname}} {{get-contact.lastname}} from {{get-contact.company}}. Salesforce lead: {{create-sf-lead.id}}.'
consumes:
- type: http
namespace: hubspot-contacts
baseUri: https://api.hubapi.com/crm/v3
authentication:
type: bearer
token: $secrets.hubspot_token
resources:
- name: contacts
path: /objects/contacts/{{contact_id}}
inputParameters:
- name: contact_id
in: path
operations:
- name: get-contact
method: GET
- type: http
namespace: salesforce-lead
baseUri: https://verizon.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: leads
path: /sobjects/Lead
operations:
- name: create-lead
method: POST
- type: http
namespace: slack-sales
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Monitors GitHub Dependabot alerts for critical vulnerabilities in Verizon engineering repositories and routes remediation tasks to the responsible team via ServiceNow and Jira.
naftiko: '0.5'
info:
label: GitHub Dependabot Vulnerability Alert
description: Monitors GitHub Dependabot alerts for critical vulnerabilities in Verizon engineering repositories and routes remediation tasks to the responsible team via ServiceNow and Jira.
tags:
- devops
- security
- github
- jira
- servicenow
- vulnerability
capability:
exposes:
- type: mcp
namespace: dep-security
port: 8080
tools:
- name: handle-dependabot-alert
description: Given a GitHub Dependabot alert number and repository, create a Jira security task and a ServiceNow vulnerability incident for tracking and remediation.
inputParameters:
- name: repository
in: body
type: string
description: GitHub repository in owner/repo format.
- name: alert_number
in: body
type: integer
description: The Dependabot alert number.
steps:
- name: get-alert
type: call
call: github-dep.get-dependabot-alert
with:
repo: '{{repository}}'
alert_number: '{{alert_number}}'
- name: create-jira-task
type: call
call: jira-sec.create-issue
with:
project_key: SEC
issuetype: Task
summary: 'Fix: {{get-alert.security_advisory.cve_id}} in {{repository}}'
description: 'Package: {{get-alert.dependency.package.name}}. Severity: {{get-alert.security_advisory.severity}}. CVE: {{get-alert.security_advisory.cve_id}}.'
- name: create-snow-incident
type: call
call: servicenow-dep.create-incident
with:
short_description: 'Dependabot: {{get-alert.security_advisory.cve_id}} in {{repository}}'
description: 'Jira task: {{create-jira-task.key}}. CVE: {{get-alert.security_advisory.cve_id}}. Package: {{get-alert.dependency.package.name}}.'
category: security
consumes:
- type: http
namespace: github-dep
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: dependabot-alerts
path: /repos/{{repo}}/dependabot/alerts/{{alert_number}}
inputParameters:
- name: repo
in: path
- name: alert_number
in: path
operations:
- name: get-dependabot-alert
method: GET
- type: http
namespace: jira-sec
baseUri: https://verizon.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: servicenow-dep
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
Queries Okta for users without MFA, creates ServiceNow ticket, and notifies IT security.
naftiko: '0.5'
info:
label: Okta MFA Non-Compliance Escalation
description: Queries Okta for users without MFA, creates ServiceNow ticket, and notifies IT security.
tags:
- security
- identity
- okta
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: okta_mfa_non_compliance_escalation
description: Queries Okta for users without MFA, creates ServiceNow ticket, and notifies IT security.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Okta MFA Non-Compliance Escalation: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Okta MFA Non-Compliance Escalation for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When Dependabot finds a vulnerability, creates Jira ticket and alerts security.
naftiko: '0.5'
info:
label: GitHub Dependabot Vulnerability Triage
description: When Dependabot finds a vulnerability, creates Jira ticket and alerts security.
tags:
- security
- github
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: github_dependabot_vulnerability_triage
description: When Dependabot finds a vulnerability, creates Jira ticket and alerts security.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'GitHub Dependabot Vulnerability Triage: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'GitHub Dependabot Vulnerability Triage for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Runs a quarterly access review by querying Okta for inactive users and creates ServiceNow de-provisioning tasks for accounts not used within the review period.
naftiko: '0.5'
info:
label: Okta Access Review and De-provisioning
description: Runs a quarterly access review by querying Okta for inactive users and creates ServiceNow de-provisioning tasks for accounts not used within the review period.
tags:
- identity
- security
- okta
- servicenow
- access-management
- compliance
capability:
exposes:
- type: mcp
namespace: access-review
port: 8080
tools:
- name: run-access-review
description: Query Okta for user accounts inactive for more than a specified number of days and create ServiceNow de-provisioning tasks for each identified account. Use for quarterly access reviews.
inputParameters:
- name: inactive_days_threshold
in: body
type: integer
description: Number of days of inactivity after which a de-provisioning task is created.
- name: deprovisioning_group
in: body
type: string
description: ServiceNow assignment group responsible for de-provisioning tasks.
steps:
- name: get-inactive-users
type: call
call: okta-review.list-users
with:
filter: status eq "ACTIVE" and lastLogin lt "{{inactive_days_threshold}}daysAgo"
- name: create-deprovisioning-task
type: call
call: servicenow-access.create-task
with:
short_description: 'Access review: {{get-inactive-users.total}} inactive Okta accounts require de-provisioning'
description: Quarterly access review identified {{get-inactive-users.total}} accounts inactive for more than {{inactive_days_threshold}} days. Review and de-provision as appropriate.
assignment_group: '{{deprovisioning_group}}'
consumes:
- type: http
namespace: okta-review
baseUri: https://verizon.okta.com/api/v1
authentication:
type: apikey
key: Authorization
value: $secrets.okta_token
placement: header
resources:
- name: users
path: /users
operations:
- name: list-users
method: GET
- type: http
namespace: servicenow-access
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
Monitors Kubernetes deployment rollout status via the GitHub Actions workflow and creates a Datadog event and Slack alert when a rollout fails or takes too long.
naftiko: '0.5'
info:
label: Kubernetes Deployment Rollout Monitor
description: Monitors Kubernetes deployment rollout status via the GitHub Actions workflow and creates a Datadog event and Slack alert when a rollout fails or takes too long.
tags:
- devops
- kubernetes
- datadog
- slack
- deployment
- monitoring
capability:
exposes:
- type: mcp
namespace: k8s-deployment
port: 8080
tools:
- name: monitor-deployment-rollout
description: Given a GitHub Actions deployment run ID and Kubernetes deployment name, check rollout status and create a Datadog event and Slack alert on failure or timeout.
inputParameters:
- name: run_id
in: body
type: string
description: GitHub Actions workflow run ID for the deployment.
- name: deployment_name
in: body
type: string
description: Kubernetes deployment name being rolled out.
- name: namespace
in: body
type: string
description: Kubernetes namespace where the deployment lives.
- name: slack_channel
in: body
type: string
description: Slack channel to alert on deployment issues.
steps:
- name: get-deploy-status
type: call
call: github-deploy.get-workflow-run
with:
repo: verizon/platform-services
run_id: '{{run_id}}'
- name: create-dd-event
type: call
call: datadog-deploy.create-event
with:
title: 'Deployment: {{deployment_name}} in {{namespace}}'
text: 'Deployment {{deployment_name}} status: {{get-deploy-status.conclusion}}. Run: {{run_id}}.'
alert_type: error
- name: post-slack-alert
type: call
call: slack-deploy.post-message
with:
channel: '{{slack_channel}}'
text: 'Deployment Alert: {{deployment_name}} ({{namespace}}) — Status: {{get-deploy-status.conclusion}}. Datadog event created. GitHub run: {{get-deploy-status.html_url}}'
consumes:
- type: http
namespace: github-deploy
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /repos/{{repo}}/actions/runs/{{run_id}}
inputParameters:
- name: repo
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: datadog-deploy
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
- type: http
namespace: slack-deploy
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Coordinates month-end close with Oracle ERP tasks, Snowflake validation, and finance team notification.
naftiko: '0.5'
info:
label: Oracle Period Close Workflow
description: Coordinates month-end close with Oracle ERP tasks, Snowflake validation, and finance team notification.
tags:
- finance
- oracle
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: oracle_period_close_workflow
description: Coordinates month-end close with Oracle ERP tasks, Snowflake validation, and finance team notification.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Oracle Period Close Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Oracle Period Close Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Queries Snowflake for network performance metrics.
naftiko: '0.5'
info:
label: Snowflake Network Metrics Query
description: Queries Snowflake for network performance metrics.
tags:
- network
- analytics
- snowflake
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: snowflake_network_metrics_query
description: Queries Snowflake for network performance metrics.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-snowflake
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Queries weather data and Snowflake network metrics, predicts impact zones, and pre-creates ServiceNow incidents.
naftiko: '0.5'
info:
label: Network Weather Impact Assessment
description: Queries weather data and Snowflake network metrics, predicts impact zones, and pre-creates ServiceNow incidents.
tags:
- network
- weather
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: network_weather_impact_assessment
description: Queries weather data and Snowflake network metrics, predicts impact zones, and pre-creates ServiceNow incidents.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Network Weather Impact Assessment: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Network Weather Impact Assessment for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Identifies at-risk customers via Snowflake analytics, creates Salesforce retention tasks, and notifies the retention team.
naftiko: '0.5'
info:
label: Customer Churn Intervention Workflow
description: Identifies at-risk customers via Snowflake analytics, creates Salesforce retention tasks, and notifies the retention team.
tags:
- customer-retention
- snowflake
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: customer_churn_intervention_workflow
description: Identifies at-risk customers via Snowflake analytics, creates Salesforce retention tasks, and notifies the retention team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Customer Churn Intervention Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Customer Churn Intervention Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Fetches the current PagerDuty on-call schedule and posts an updated on-call roster to the NOC Slack channel every Monday morning.
naftiko: '0.5'
info:
label: PagerDuty On-Call Schedule Sync
description: Fetches the current PagerDuty on-call schedule and posts an updated on-call roster to the NOC Slack channel every Monday morning.
tags:
- itsm
- pagerduty
- slack
- on-call
- operations
capability:
exposes:
- type: mcp
namespace: oncall-management
port: 8080
tools:
- name: publish-oncall-roster
description: Fetch the current on-call schedule from PagerDuty for a given escalation policy and post the roster to the NOC Slack channel. Use for weekly on-call handoff notifications.
inputParameters:
- name: escalation_policy_id
in: body
type: string
description: The PagerDuty escalation policy ID to fetch the on-call schedule for.
- name: slack_channel
in: body
type: string
description: Slack channel to post the on-call roster to.
steps:
- name: get-oncall
type: call
call: pagerduty-oncall.list-oncalls
with:
escalation_policy_id: '{{escalation_policy_id}}'
- name: post-roster
type: call
call: slack-noc.post-message
with:
channel: '{{slack_channel}}'
text: 'On-Call Roster: Primary: {{get-oncall.primary_name}} ({{get-oncall.primary_email}}). Secondary: {{get-oncall.secondary_name}}. Escalation policy: {{escalation_policy_id}}.'
consumes:
- type: http
namespace: pagerduty-oncall
baseUri: https://api.pagerduty.com
authentication:
type: apikey
key: Authorization
value: $secrets.pagerduty_token
placement: header
resources:
- name: oncalls
path: /oncalls
operations:
- name: list-oncalls
method: GET
- type: http
namespace: slack-noc
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Uses Anthropic Claude to analyze call transcript data from Snowflake and posts customer insights to CX team.
naftiko: '0.5'
info:
label: AI-Assisted Customer Call Analysis
description: Uses Anthropic Claude to analyze call transcript data from Snowflake and posts customer insights to CX team.
tags:
- customer-experience
- anthropic
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: ai_assisted_customer_call_analysis
description: Uses Anthropic Claude to analyze call transcript data from Snowflake and posts customer insights to CX team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'AI-Assisted Customer Call Analysis: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'AI-Assisted Customer Call Analysis for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When Datadog detects API rate limit approaching, creates ServiceNow incident and alerts platform team.
naftiko: '0.5'
info:
label: API Gateway Rate Limit Alert
description: When Datadog detects API rate limit approaching, creates ServiceNow incident and alerts platform team.
tags:
- devops
- api
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: api_gateway_rate_limit_alert
description: When Datadog detects API rate limit approaching, creates ServiceNow incident and alerts platform team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'API Gateway Rate Limit Alert: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'API Gateway Rate Limit Alert for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Retrieves CI/CD status for a repository.
naftiko: '0.5'
info:
label: GitHub Repository Status Lookup
description: Retrieves CI/CD status for a repository.
tags:
- devops
- github
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: github_repository_status_lookup
description: Retrieves CI/CD status for a repository.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-github
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Monitors interconnect performance via Snowflake, creates ServiceNow alerts for degradation, and notifies network ops.
naftiko: '0.5'
info:
label: Carrier Interconnect Performance Monitoring
description: Monitors interconnect performance via Snowflake, creates ServiceNow alerts for degradation, and notifies network ops.
tags:
- network
- interconnect
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: carrier_interconnect_performance_monitoring
description: Monitors interconnect performance via Snowflake, creates ServiceNow alerts for degradation, and notifies network ops.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Carrier Interconnect Performance Monitoring: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Carrier Interconnect Performance Monitoring for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Retrieves GL account balance from Oracle ERP.
naftiko: '0.5'
info:
label: Oracle ERP GL Balance Lookup
description: Retrieves GL account balance from Oracle ERP.
tags:
- finance
- oracle
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: oracle_erp_gl_balance_lookup
description: Retrieves GL account balance from Oracle ERP.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-oracle
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Queries AWS and Azure costs, identifies optimizations, and posts recommendations to cloud team.
naftiko: '0.5'
info:
label: Cloud Cost Optimization Orchestration
description: Queries AWS and Azure costs, identifies optimizations, and posts recommendations to cloud team.
tags:
- cloud
- finops
- azure
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: cloud_cost_optimization_orchestration
description: Queries AWS and Azure costs, identifies optimizations, and posts recommendations to cloud team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Cloud Cost Optimization Orchestration: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Cloud Cost Optimization Orchestration for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Retrieves a PagerDuty incident by ID.
naftiko: '0.5'
info:
label: PagerDuty Incident Lookup
description: Retrieves a PagerDuty incident by ID.
tags:
- itsm
- pagerduty
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: pagerduty_incident_lookup
description: Retrieves a PagerDuty incident by ID.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-pagerduty
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Uses Anthropic to analyze customer service call transcripts stored in Snowflake, extracting sentiment and key issues to update Salesforce case records.
naftiko: '0.5'
info:
label: Anthropic Call Transcript Analysis
description: Uses Anthropic to analyze customer service call transcripts stored in Snowflake, extracting sentiment and key issues to update Salesforce case records.
tags:
- ai
- customer-support
- anthropic
- snowflake
- salesforce
- automation
capability:
exposes:
- type: mcp
namespace: ai-call-analysis
port: 8080
tools:
- name: analyze-call-transcript
description: Given a call transcript and Salesforce case ID, send the transcript to Anthropic for sentiment and issue extraction, then update the Salesforce case with the analysis.
inputParameters:
- name: case_id
in: body
type: string
description: The Salesforce case ID associated with the call.
- name: transcript_text
in: body
type: string
description: The full call transcript text.
steps:
- name: analyze-sentiment
type: call
call: anthropic.create-message
with:
model: claude-opus-4-5
max_tokens: 512
prompt: 'Analyze this customer service call transcript. Extract: 1) Overall sentiment (positive/neutral/negative), 2) Main customer issue in one sentence, 3) Resolution status (resolved/unresolved/escalated). Return as JSON. Transcript: {{transcript_text}}'
- name: update-case
type: call
call: salesforce-cases.update-case
with:
case_id: '{{case_id}}'
call_sentiment: '{{analyze-sentiment.sentiment}}'
issue_summary: '{{analyze-sentiment.main_issue}}'
resolution_status: '{{analyze-sentiment.resolution_status}}'
consumes:
- type: http
namespace: anthropic
baseUri: https://api.anthropic.com/v1
authentication:
type: apikey
key: x-api-key
value: $secrets.anthropic_api_key
placement: header
resources:
- name: messages
path: /messages
operations:
- name: create-message
method: POST
- type: http
namespace: salesforce-cases
baseUri: https://verizon.my.salesforce.com/services/data/v58.0
authentication:
type: bearer
token: $secrets.salesforce_token
resources:
- name: cases
path: /sobjects/Case/{{case_id}}
inputParameters:
- name: case_id
in: path
operations:
- name: update-case
method: PATCH
Tracks FCC filing deadlines in Jira, validates compliance status, and sends escalation notifications.
naftiko: '0.5'
info:
label: FCC Regulatory Filing Tracker
description: Tracks FCC filing deadlines in Jira, validates compliance status, and sends escalation notifications.
tags:
- compliance
- regulatory
- fcc
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: fcc_regulatory_filing_tracker
description: Tracks FCC filing deadlines in Jira, validates compliance status, and sends escalation notifications.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'FCC Regulatory Filing Tracker: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'FCC Regulatory Filing Tracker for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When a GitHub Actions workflow fails on a protected branch, creates a Jira bug, posts an alert to the engineering Slack channel, and marks a Datadog deployment event.
naftiko: '0.5'
info:
label: GitHub CI/CD Pipeline Failure Handler
description: When a GitHub Actions workflow fails on a protected branch, creates a Jira bug, posts an alert to the engineering Slack channel, and marks a Datadog deployment event.
tags:
- devops
- cicd
- github
- jira
- slack
- datadog
capability:
exposes:
- type: mcp
namespace: devops-cicd
port: 8080
tools:
- name: handle-pipeline-failure
description: Given a GitHub Actions run ID and repository, create a Jira bug, post a Slack alert, and create a Datadog deployment event. Use when a protected-branch pipeline fails.
inputParameters:
- name: run_id
in: body
type: string
description: The GitHub Actions workflow run ID.
- name: repository
in: body
type: string
description: GitHub repository in owner/repo format.
- name: branch
in: body
type: string
description: The branch name where the pipeline failed.
- name: workflow_name
in: body
type: string
description: The failed GitHub Actions workflow name.
steps:
- name: get-run
type: call
call: github.get-workflow-run
with:
repo: '{{repository}}'
run_id: '{{run_id}}'
- name: create-bug
type: call
call: jira.create-issue
with:
project_key: ENG
issuetype: Bug
summary: '[CI Failure] {{repository}} / {{branch}} — {{workflow_name}}'
description: 'Run {{run_id}} failed. URL: {{get-run.html_url}}'
- name: post-slack-alert
type: call
call: slack.post-message
with:
channel: engineering-alerts
text: 'Pipeline Failure: {{repository}} | Branch: {{branch}} | Jira: {{create-bug.key}} | Run: {{get-run.html_url}}'
- name: create-dd-event
type: call
call: datadog-events.create-event
with:
title: 'CI Failure: {{repository}} / {{branch}}'
text: 'Pipeline {{run_id}} failed. Jira: {{create-bug.key}}'
alert_type: error
consumes:
- type: http
namespace: github
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: workflow-runs
path: /repos/{{repo}}/actions/runs/{{run_id}}
inputParameters:
- name: repo
in: path
- name: run_id
in: path
operations:
- name: get-workflow-run
method: GET
- type: http
namespace: jira
baseUri: https://verizon.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_token
resources:
- name: issues
path: /issue
operations:
- name: create-issue
method: POST
- type: http
namespace: slack
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
- type: http
namespace: datadog-events
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events
operations:
- name: create-event
method: POST
When a cell tower alarm fires, queries Datadog for metrics, creates ServiceNow incident, and pages field ops.
naftiko: '0.5'
info:
label: Cell Tower Alarm Triage
description: When a cell tower alarm fires, queries Datadog for metrics, creates ServiceNow incident, and pages field ops.
tags:
- network
- tower
- datadog
- servicenow
- pagerduty
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: cell_tower_alarm_triage
description: When a cell tower alarm fires, queries Datadog for metrics, creates ServiceNow incident, and pages field ops.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Cell Tower Alarm Triage: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Cell Tower Alarm Triage for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Queries Snowflake for network utilization trends, generates capacity forecasts, and posts to network planning.
naftiko: '0.5'
info:
label: Network Capacity Planning Report
description: Queries Snowflake for network utilization trends, generates capacity forecasts, and posts to network planning.
tags:
- network
- capacity
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: network_capacity_planning_report
description: Queries Snowflake for network utilization trends, generates capacity forecasts, and posts to network planning.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Network Capacity Planning Report: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Network Capacity Planning Report for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Retrieves employee time off balance.
naftiko: '0.5'
info:
label: Workday Time Off Balance Lookup
description: Retrieves employee time off balance.
tags:
- hr
- workday
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: workday_time_off_balance_lookup
description: Retrieves employee time off balance.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-workday
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
When data center capacity exceeds threshold, creates ServiceNow incident and notifies infrastructure team.
naftiko: '0.5'
info:
label: Data Center Capacity Alert
description: When data center capacity exceeds threshold, creates ServiceNow incident and notifies infrastructure team.
tags:
- infrastructure
- data-center
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: data_center_capacity_alert
description: When data center capacity exceeds threshold, creates ServiceNow incident and notifies infrastructure team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Data Center Capacity Alert: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Data Center Capacity Alert for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Retrieves Azure resource group costs.
naftiko: '0.5'
info:
label: Azure Resource Cost Lookup
description: Retrieves Azure resource group costs.
tags:
- cloud
- azure
- finops
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: azure_resource_cost_lookup
description: Retrieves Azure resource group costs.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-azure
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
When a billing dispute is received, queries Oracle for charge details, creates Salesforce case, and notifies billing team.
naftiko: '0.5'
info:
label: Customer Billing Dispute Resolution
description: When a billing dispute is received, queries Oracle for charge details, creates Salesforce case, and notifies billing team.
tags:
- billing
- oracle
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: customer_billing_dispute_resolution
description: When a billing dispute is received, queries Oracle for charge details, creates Salesforce case, and notifies billing team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Customer Billing Dispute Resolution: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Customer Billing Dispute Resolution for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Triggers a Power BI dataset refresh.
naftiko: '0.5'
info:
label: Power BI Dataset Refresh Trigger
description: Triggers a Power BI dataset refresh.
tags:
- reporting
- power-bi
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: power_bi_dataset_refresh_trigger
description: Triggers a Power BI dataset refresh.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-power
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Executes Snowflake analytics queries against Verizon's network performance data warehouse and posts a weekly network KPI summary to the operations Slack channel.
naftiko: '0.5'
info:
label: Snowflake Network Analytics Report
description: Executes Snowflake analytics queries against Verizon's network performance data warehouse and posts a weekly network KPI summary to the operations Slack channel.
tags:
- analytics
- snowflake
- slack
- reporting
- network
capability:
exposes:
- type: mcp
namespace: network-analytics
port: 8080
tools:
- name: digest-network-kpis
description: Execute a Snowflake network performance query and post a weekly KPI digest to the specified Slack channel. Use for weekly network operations reporting.
inputParameters:
- name: reporting_week
in: body
type: string
description: The ISO week in YYYY-Www format (e.g., 2026-W12).
- name: region
in: body
type: string
description: Network region filter (e.g., Northeast, Southeast, West).
- name: slack_channel
in: body
type: string
description: Slack channel name or ID to post the digest to.
steps:
- name: run-kpi-query
type: call
call: snowflake.execute-query
with:
statement: SELECT region, avg_latency_ms, packet_loss_pct, uptime_pct FROM network.weekly_kpis WHERE iso_week = '{{reporting_week}}' AND region = '{{region}}'
- name: post-digest
type: call
call: slack-reports.post-message
with:
channel: '{{slack_channel}}'
text: 'Network KPI Digest ({{reporting_week}}, {{region}}): Avg latency {{run-kpi-query.avg_latency_ms}}ms, Packet loss {{run-kpi-query.packet_loss_pct}}%, Uptime {{run-kpi-query.uptime_pct}}%.'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: slack-reports
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves Datadog monitor status.
naftiko: '0.5'
info:
label: Datadog Monitor Status Lookup
description: Retrieves Datadog monitor status.
tags:
- observability
- datadog
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: datadog_monitor_status_lookup
description: Retrieves Datadog monitor status.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-datadog
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Processes incoming supplier invoices against Oracle ERP purchase orders and creates ServiceNow approval tasks for invoices that require manual review.
naftiko: '0.5'
info:
label: Oracle ERP Invoice Processing
description: Processes incoming supplier invoices against Oracle ERP purchase orders and creates ServiceNow approval tasks for invoices that require manual review.
tags:
- finance
- procurement
- oracle
- servicenow
- invoice
- approval
capability:
exposes:
- type: mcp
namespace: finance-invoicing
port: 8080
tools:
- name: process-supplier-invoice
description: Given an Oracle invoice number and purchase order number, fetch both records, compare amounts, and create a ServiceNow approval task for discrepancies or large invoices.
inputParameters:
- name: invoice_number
in: body
type: string
description: The Oracle Payables invoice number.
- name: po_number
in: body
type: string
description: The Oracle purchase order number to validate against.
- name: approval_threshold
in: body
type: number
description: Dollar threshold above which manual approval is required.
steps:
- name: get-invoice
type: call
call: oracle-payables.get-invoice
with:
invoice_number: '{{invoice_number}}'
- name: get-po
type: call
call: oracle-po.get-purchase-order
with:
po_number: '{{po_number}}'
- name: create-approval-task
type: call
call: servicenow-payables.create-task
with:
short_description: 'Invoice approval: {{invoice_number}} against PO {{po_number}}'
description: 'Invoice amount: {{get-invoice.InvoiceAmount}}. PO amount: {{get-po.TotalAmount}}. Vendor: {{get-invoice.SupplierName}}. Review required.'
assignment_group: Finance_AP
consumes:
- type: http
namespace: oracle-payables
baseUri: https://verizon.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05
authentication:
type: basic
username: $secrets.oracle_user
password: $secrets.oracle_password
resources:
- name: invoices
path: /invoices/{{invoice_number}}
inputParameters:
- name: invoice_number
in: path
operations:
- name: get-invoice
method: GET
- type: http
namespace: oracle-po
baseUri: https://verizon.fa.us2.oraclecloud.com/fscmRestApi/resources/11.13.18.05
authentication:
type: basic
username: $secrets.oracle_user
password: $secrets.oracle_password
resources:
- name: purchase-orders
path: /purchaseOrders/{{po_number}}
inputParameters:
- name: po_number
in: path
operations:
- name: get-purchase-order
method: GET
- type: http
namespace: servicenow-payables
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
When Datadog detects cluster resource pressure, triggers autoscaling review, creates ServiceNow change request.
naftiko: '0.5'
info:
label: Kubernetes Cluster Scaling Alert
description: When Datadog detects cluster resource pressure, triggers autoscaling review, creates ServiceNow change request.
tags:
- devops
- kubernetes
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: kubernetes_cluster_scaling_alert
description: When Datadog detects cluster resource pressure, triggers autoscaling review, creates ServiceNow change request.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Kubernetes Cluster Scaling Alert: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Kubernetes Cluster Scaling Alert for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Launches annual review by pulling headcount from Workday, creating Jira epic, and notifying HR.
naftiko: '0.5'
info:
label: Workday Annual Review Cycle Launch
description: Launches annual review by pulling headcount from Workday, creating Jira epic, and notifying HR.
tags:
- hr
- performance
- workday
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: workday_annual_review_cycle_launch
description: Launches annual review by pulling headcount from Workday, creating Jira epic, and notifying HR.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Workday Annual Review Cycle Launch: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Workday Annual Review Cycle Launch for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Coordinates pen test by creating Jira test plan, scheduling ServiceNow maintenance window, and notifying security.
naftiko: '0.5'
info:
label: Network Security Penetration Test Workflow
description: Coordinates pen test by creating Jira test plan, scheduling ServiceNow maintenance window, and notifying security.
tags:
- security
- penetration-testing
- jira
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: network_security_penetration_test_workflow
description: Coordinates pen test by creating Jira test plan, scheduling ServiceNow maintenance window, and notifying security.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Network Security Penetration Test Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Network Security Penetration Test Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Pulls tower maintenance schedules from Snowflake, creates ServiceNow work orders, and notifies the field ops team.
naftiko: '0.5'
info:
label: 5G Tower Maintenance Scheduling
description: Pulls tower maintenance schedules from Snowflake, creates ServiceNow work orders, and notifies the field ops team.
tags:
- network
- 5g
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: 5g_tower_maintenance_scheduling
description: Pulls tower maintenance schedules from Snowflake, creates ServiceNow work orders, and notifies the field ops team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: '5G Tower Maintenance Scheduling: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: '5G Tower Maintenance Scheduling for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Coordinates enterprise contract renewals by pulling Salesforce data, validating pricing, and notifying account team.
naftiko: '0.5'
info:
label: Salesforce Enterprise Renewal Orchestration
description: Coordinates enterprise contract renewals by pulling Salesforce data, validating pricing, and notifying account team.
tags:
- sales
- enterprise
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: salesforce_enterprise_renewal_orchestration
description: Coordinates enterprise contract renewals by pulling Salesforce data, validating pricing, and notifying account team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Salesforce Enterprise Renewal Orchestration: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Salesforce Enterprise Renewal Orchestration for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Pulls Jira sprint completion data and velocity metrics, then posts a formatted engineering digest to the team's Slack channel at the close of each sprint.
naftiko: '0.5'
info:
label: Jira Sprint Velocity Digest
description: Pulls Jira sprint completion data and velocity metrics, then posts a formatted engineering digest to the team's Slack channel at the close of each sprint.
tags:
- devops
- jira
- slack
- reporting
- agile
capability:
exposes:
- type: mcp
namespace: agile-reporting
port: 8080
tools:
- name: digest-sprint-velocity
description: Given a Jira board ID and sprint ID, fetch sprint metrics and post a velocity digest to the team Slack channel. Use at the end of each sprint for retrospective data.
inputParameters:
- name: board_id
in: body
type: string
description: The Jira board ID.
- name: sprint_id
in: body
type: string
description: The Jira sprint ID to report on.
- name: slack_channel
in: body
type: string
description: Slack channel name or ID for the sprint digest.
steps:
- name: get-sprint
type: call
call: jira.get-sprint
with:
board_id: '{{board_id}}'
sprint_id: '{{sprint_id}}'
- name: get-issues
type: call
call: jira-issues.list-sprint-issues
with:
sprint_id: '{{sprint_id}}'
- name: post-digest
type: call
call: slack-sprint.post-message
with:
channel: '{{slack_channel}}'
text: 'Sprint Digest: {{get-sprint.name}} completed. Stories done: {{get-issues.total_done}}, Remaining: {{get-issues.total_remaining}}, Velocity: {{get-issues.story_points_completed}} pts.'
consumes:
- type: http
namespace: jira
baseUri: https://verizon.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_token
resources:
- name: sprints
path: /board/{{board_id}}/sprint/{{sprint_id}}
inputParameters:
- name: board_id
in: path
- name: sprint_id
in: path
operations:
- name: get-sprint
method: GET
- type: http
namespace: jira-issues
baseUri: https://verizon.atlassian.net/rest/api/3
authentication:
type: basic
username: $secrets.jira_user
password: $secrets.jira_token
resources:
- name: issues
path: /search
operations:
- name: list-sprint-issues
method: GET
- type: http
namespace: slack-sprint
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves endpoint status from CrowdStrike.
naftiko: '0.5'
info:
label: CrowdStrike Host Status Lookup
description: Retrieves endpoint status from CrowdStrike.
tags:
- security
- crowdstrike
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: crowdstrike_host_status_lookup
description: Retrieves endpoint status from CrowdStrike.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-crowdstrike
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
When a Datadog monitor fires for a critical network node or 5G infrastructure component, creates a P1 ServiceNow incident and pages the NOC via PagerDuty.
naftiko: '0.5'
info:
label: Datadog Network Infrastructure Alert Handler
description: When a Datadog monitor fires for a critical network node or 5G infrastructure component, creates a P1 ServiceNow incident and pages the NOC via PagerDuty.
tags:
- itsm
- incident-response
- datadog
- servicenow
- pagerduty
- network
capability:
exposes:
- type: mcp
namespace: noc-ops
port: 8080
tools:
- name: handle-network-alert
description: Given a Datadog alert ID and affected network segment, create a P1 ServiceNow incident and trigger a PagerDuty incident for the NOC. Use for critical network or 5G infrastructure failures.
inputParameters:
- name: alert_id
in: body
type: string
description: The Datadog alert or event ID.
- name: monitor_name
in: body
type: string
description: The name of the Datadog monitor that fired.
- name: network_segment
in: body
type: string
description: The affected network segment or node identifier.
- name: severity
in: body
type: string
description: 'Alert severity: critical, high, medium, or low.'
steps:
- name: get-alert
type: call
call: datadog.get-event
with:
event_id: '{{alert_id}}'
- name: create-incident
type: call
call: servicenow-noc.create-incident
with:
short_description: '[{{severity}}] {{monitor_name}} — {{network_segment}}'
description: 'Datadog alert {{alert_id}}: {{get-alert.text}}. Network segment: {{network_segment}}.'
urgency: '1'
impact: '1'
- name: page-noc
type: call
call: pagerduty.create-incident
with:
title: 'Network alert: {{monitor_name}} on {{network_segment}}'
body: 'ServiceNow incident: {{create-incident.number}}. Datadog alert: {{alert_id}}. Severity: {{severity}}.'
service_id: NOC_SERVICE_ID
consumes:
- type: http
namespace: datadog
baseUri: https://api.datadoghq.com/api/v1
authentication:
type: apikey
key: DD-API-KEY
value: $secrets.datadog_api_key
placement: header
resources:
- name: events
path: /events/{{event_id}}
inputParameters:
- name: event_id
in: path
operations:
- name: get-event
method: GET
- type: http
namespace: servicenow-noc
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: pagerduty
baseUri: https://api.pagerduty.com
authentication:
type: apikey
key: Authorization
value: $secrets.pagerduty_token
placement: header
resources:
- name: incidents
path: /incidents
operations:
- name: create-incident
method: POST
Retrieves a Jira issue by key.
naftiko: '0.5'
info:
label: Jira Issue Lookup
description: Retrieves a Jira issue by key.
tags:
- project-management
- jira
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: jira_issue_lookup
description: Retrieves a Jira issue by key.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-jira
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Queries Salesforce for partner sales data, analyzes in Snowflake, and posts performance report to channel team.
naftiko: '0.5'
info:
label: Salesforce Partner Channel Performance
description: Queries Salesforce for partner sales data, analyzes in Snowflake, and posts performance report to channel team.
tags:
- sales
- partners
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: salesforce_partner_channel_performance
description: Queries Salesforce for partner sales data, analyzes in Snowflake, and posts performance report to channel team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Salesforce Partner Channel Performance: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Salesforce Partner Channel Performance for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Posts a notification to a Slack channel.
naftiko: '0.5'
info:
label: Slack Channel Notification
description: Posts a notification to a Slack channel.
tags:
- collaboration
- slack
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: slack_channel_notification
description: Posts a notification to a Slack channel.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-slack
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Monitors 5G network slice performance via Snowflake, creates ServiceNow alerts for degradation, and notifies network ops.
naftiko: '0.5'
info:
label: Network Slice Performance Monitoring
description: Monitors 5G network slice performance via Snowflake, creates ServiceNow alerts for degradation, and notifies network ops.
tags:
- network
- 5g
- slicing
- snowflake
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: network_slice_performance_monitoring
description: Monitors 5G network slice performance via Snowflake, creates ServiceNow alerts for degradation, and notifies network ops.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Network Slice Performance Monitoring: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Network Slice Performance Monitoring for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Detects AWS spend anomalies via AWS Cost Explorer and creates a ServiceNow task for the cloud FinOps team with details and recommended actions.
naftiko: '0.5'
info:
label: AWS Cost Anomaly Response
description: Detects AWS spend anomalies via AWS Cost Explorer and creates a ServiceNow task for the cloud FinOps team with details and recommended actions.
tags:
- cloud
- finops
- aws
- servicenow
- cost-management
capability:
exposes:
- type: mcp
namespace: aws-finops
port: 8080
tools:
- name: handle-aws-cost-anomaly
description: Given an AWS account ID and billing period, detect cost anomalies via AWS Cost Explorer and create a ServiceNow FinOps task when overage exceeds the threshold. Use for proactive cloud cost governance.
inputParameters:
- name: account_id
in: body
type: string
description: The AWS account ID to check for cost anomalies.
- name: time_period_start
in: body
type: string
description: Start date for cost analysis in YYYY-MM-DD format.
- name: time_period_end
in: body
type: string
description: End date for cost analysis in YYYY-MM-DD format.
steps:
- name: get-cost-summary
type: call
call: aws-cost.get-cost-and-usage
with:
account_id: '{{account_id}}'
start: '{{time_period_start}}'
end: '{{time_period_end}}'
- name: create-finops-task
type: call
call: servicenow-finops.create-task
with:
short_description: 'AWS cost anomaly: account {{account_id}} — {{time_period_start}} to {{time_period_end}}'
description: 'Total actual cost: {{get-cost-summary.total_cost}}. Period: {{time_period_start}} to {{time_period_end}}. Review for budget variances.'
assignment_group: Cloud_FinOps
consumes:
- type: http
namespace: aws-cost
baseUri: https://ce.us-east-1.amazonaws.com
authentication:
type: bearer
token: $secrets.aws_access_token
resources:
- name: cost-and-usage
path: /GetCostAndUsage
operations:
- name: get-cost-and-usage
method: POST
- type: http
namespace: servicenow-finops
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
Fetches critical GitHub Advanced Security code scanning alerts across Verizon's repositories and creates CrowdStrike-linked ServiceNow security incidents for remediation.
naftiko: '0.5'
info:
label: GitHub Security Scan Triage
description: Fetches critical GitHub Advanced Security code scanning alerts across Verizon's repositories and creates CrowdStrike-linked ServiceNow security incidents for remediation.
tags:
- devops
- security
- github
- crowdstrike
- servicenow
- vulnerability
capability:
exposes:
- type: mcp
namespace: security-scan-triage
port: 8080
tools:
- name: triage-code-scan-alerts
description: Given a GitHub repository, list critical code scanning alerts and create a ServiceNow security incident for each, tagging them for CrowdStrike correlation.
inputParameters:
- name: repository
in: body
type: string
description: GitHub repository in owner/repo format.
- name: severity_filter
in: body
type: string
description: 'Minimum severity to triage: critical or high.'
steps:
- name: get-alerts
type: call
call: github-sec.list-code-scanning-alerts
with:
repo: '{{repository}}'
severity: '{{severity_filter}}'
- name: create-sec-incident
type: call
call: servicenow-vuln.create-incident
with:
short_description: 'Code scan findings: {{repository}} ({{severity_filter}})'
description: GitHub Advanced Security found {{get-alerts.total_count}} {{severity_filter}} alerts in {{repository}}. CrowdStrike correlation required.
category: security
urgency: '1'
consumes:
- type: http
namespace: github-sec
baseUri: https://api.github.com
authentication:
type: bearer
token: $secrets.github_token
resources:
- name: code-scanning-alerts
path: /repos/{{repo}}/code-scanning/alerts
inputParameters:
- name: repo
in: path
operations:
- name: list-code-scanning-alerts
method: GET
- type: http
namespace: servicenow-vuln
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
Searches SharePoint for documents.
naftiko: '0.5'
info:
label: SharePoint Document Search
description: Searches SharePoint for documents.
tags:
- collaboration
- sharepoint
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: sharepoint_document_search
description: Searches SharePoint for documents.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-sharepoint
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Queries Snowflake for NPS survey results, updates Salesforce account health, and posts digest to CX team.
naftiko: '0.5'
info:
label: Salesforce Customer NPS Tracking
description: Queries Snowflake for NPS survey results, updates Salesforce account health, and posts digest to CX team.
tags:
- customer-experience
- nps
- snowflake
- salesforce
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: salesforce_customer_nps_tracking
description: Queries Snowflake for NPS survey results, updates Salesforce account health, and posts digest to CX team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Salesforce Customer NPS Tracking: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Salesforce Customer NPS Tracking for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Queries Snowflake for fiber deployment metrics, refreshes Power BI dashboard, and posts progress to leadership.
naftiko: '0.5'
info:
label: Fiber Deployment Progress Digest
description: Queries Snowflake for fiber deployment metrics, refreshes Power BI dashboard, and posts progress to leadership.
tags:
- network
- fiber
- snowflake
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: fiber_deployment_progress_digest
description: Queries Snowflake for fiber deployment metrics, refreshes Power BI dashboard, and posts progress to leadership.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Fiber Deployment Progress Digest: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Fiber Deployment Progress Digest for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Monitors edge node health via Datadog, creates ServiceNow incidents for failures, and notifies the edge platform team.
naftiko: '0.5'
info:
label: Edge Computing Node Health Check
description: Monitors edge node health via Datadog, creates ServiceNow incidents for failures, and notifies the edge platform team.
tags:
- edge
- infrastructure
- datadog
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: edge_computing_node_health_check
description: Monitors edge node health via Datadog, creates ServiceNow incidents for failures, and notifies the edge platform team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Edge Computing Node Health Check: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Edge Computing Node Health Check for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When Splunk detects a DDoS attack, creates ServiceNow security incident, activates CrowdStrike response, and alerts SOC.
naftiko: '0.5'
info:
label: Splunk DDoS Detection Response
description: When Splunk detects a DDoS attack, creates ServiceNow security incident, activates CrowdStrike response, and alerts SOC.
tags:
- security
- splunk
- servicenow
- crowdstrike
- slack
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: splunk_ddos_detection_response
description: When Splunk detects a DDoS attack, creates ServiceNow security incident, activates CrowdStrike response, and alerts SOC.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Splunk DDoS Detection Response: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Splunk DDoS Detection Response for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Tracks small cell deployment progress in Jira, validates permits, and posts status to network deployment team.
naftiko: '0.5'
info:
label: Small Cell Deployment Tracking
description: Tracks small cell deployment progress in Jira, validates permits, and posts status to network deployment team.
tags:
- network
- small-cell
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: small_cell_deployment_tracking
description: Tracks small cell deployment progress in Jira, validates permits, and posts status to network deployment team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Small Cell Deployment Tracking: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Small Cell Deployment Tracking for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When a vendor contract nears expiry, creates Jira task, notifies procurement, and logs in Snowflake.
naftiko: '0.5'
info:
label: Vendor Contract Renewal Workflow
description: When a vendor contract nears expiry, creates Jira task, notifies procurement, and logs in Snowflake.
tags:
- procurement
- jira
- microsoft-teams
- snowflake
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: vendor_contract_renewal_workflow
description: When a vendor contract nears expiry, creates Jira task, notifies procurement, and logs in Snowflake.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Vendor Contract Renewal Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Vendor Contract Renewal Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Provisions CPE devices by creating ServiceNow work orders, scheduling technician dispatch, and notifying customer ops.
naftiko: '0.5'
info:
label: Customer Premise Equipment Provisioning
description: Provisions CPE devices by creating ServiceNow work orders, scheduling technician dispatch, and notifying customer ops.
tags:
- field-service
- cpe
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: customer_premise_equipment_provisioning
description: Provisions CPE devices by creating ServiceNow work orders, scheduling technician dispatch, and notifying customer ops.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Customer Premise Equipment Provisioning: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Customer Premise Equipment Provisioning for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Pulls capital project data from Oracle, queries Snowflake for variances, and posts to finance.
naftiko: '0.5'
info:
label: Capital Project Budget Variance Report
description: Pulls capital project data from Oracle, queries Snowflake for variances, and posts to finance.
tags:
- finance
- capital-projects
- oracle
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: capital_project_budget_variance_report
description: Pulls capital project data from Oracle, queries Snowflake for variances, and posts to finance.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Capital Project Budget Variance Report: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Capital Project Budget Variance Report for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Queries Workday for incomplete enrollments and sends reminders via Teams.
naftiko: '0.5'
info:
label: Workday Benefits Enrollment Reminder
description: Queries Workday for incomplete enrollments and sends reminders via Teams.
tags:
- hr
- benefits
- workday
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: workday_benefits_enrollment_reminder
description: Queries Workday for incomplete enrollments and sends reminders via Teams.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Workday Benefits Enrollment Reminder: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Workday Benefits Enrollment Reminder for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Pulls open positions from Workday, creates LinkedIn postings, and posts summary to talent team.
naftiko: '0.5'
info:
label: LinkedIn Talent Acquisition Campaign
description: Pulls open positions from Workday, creates LinkedIn postings, and posts summary to talent team.
tags:
- hr
- talent-acquisition
- workday
- linkedin
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: linkedin_talent_acquisition_campaign
description: Pulls open positions from Workday, creates LinkedIn postings, and posts summary to talent team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'LinkedIn Talent Acquisition Campaign: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'LinkedIn Talent Acquisition Campaign for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Posts a message to a Teams channel.
naftiko: '0.5'
info:
label: Microsoft Teams Channel Notification
description: Posts a message to a Teams channel.
tags:
- collaboration
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: microsoft_teams_channel_notification
description: Posts a message to a Teams channel.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-microsoft
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Queries Snowflake for 5G coverage data by region.
naftiko: '0.5'
info:
label: Snowflake 5G Coverage Query
description: Queries Snowflake for 5G coverage data by region.
tags:
- network
- 5g
- snowflake
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: snowflake_5g_coverage_query
description: Queries Snowflake for 5G coverage data by region.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-snowflake
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Pulls diversity metrics from Workday, refreshes Power BI dashboard, and posts to HR leadership.
naftiko: '0.5'
info:
label: Workday Diversity Metrics Report
description: Pulls diversity metrics from Workday, refreshes Power BI dashboard, and posts to HR leadership.
tags:
- hr
- diversity
- workday
- power-bi
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: workday_diversity_metrics_report
description: Pulls diversity metrics from Workday, refreshes Power BI dashboard, and posts to HR leadership.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Workday Diversity Metrics Report: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Workday Diversity Metrics Report for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When a Databricks job fails, creates Jira ticket and notifies data platform team.
naftiko: '0.5'
info:
label: Databricks Job Failure Alert
description: When a Databricks job fails, creates Jira ticket and notifies data platform team.
tags:
- data-engineering
- databricks
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: databricks_job_failure_alert
description: When a Databricks job fails, creates Jira ticket and notifies data platform team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Databricks Job Failure Alert: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Databricks Job Failure Alert for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Coordinates quarterly close with Oracle ERP, Snowflake validation, and finance notification.
naftiko: '0.5'
info:
label: Quarterly Financial Close Orchestration
description: Coordinates quarterly close with Oracle ERP, Snowflake validation, and finance notification.
tags:
- finance
- oracle
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: quarterly_financial_close_orchestration
description: Coordinates quarterly close with Oracle ERP, Snowflake validation, and finance notification.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Quarterly Financial Close Orchestration: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Quarterly Financial Close Orchestration for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Queries Snowflake for carbon footprint data, generates sustainability report, and posts to ESG team.
naftiko: '0.5'
info:
label: Sustainability Carbon Footprint Report
description: Queries Snowflake for carbon footprint data, generates sustainability report, and posts to ESG team.
tags:
- sustainability
- esg
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: sustainability_carbon_footprint_report
description: Queries Snowflake for carbon footprint data, generates sustainability report, and posts to ESG team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Sustainability Carbon Footprint Report: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Sustainability Carbon Footprint Report for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Triggers a Tableau workbook refresh for Verizon's executive KPI dashboards and notifies the business intelligence team via Slack when the refresh completes.
naftiko: '0.5'
info:
label: Tableau Executive Dashboard Refresh
description: Triggers a Tableau workbook refresh for Verizon's executive KPI dashboards and notifies the business intelligence team via Slack when the refresh completes.
tags:
- analytics
- tableau
- slack
- reporting
- dashboards
capability:
exposes:
- type: mcp
namespace: exec-dashboards
port: 8080
tools:
- name: refresh-exec-dashboard
description: Given a Tableau workbook ID and site ID, trigger a workbook data refresh and notify the BI team Slack channel upon completion.
inputParameters:
- name: workbook_id
in: body
type: string
description: The Tableau workbook LUID to refresh.
- name: site_id
in: body
type: string
description: The Tableau server site ID.
- name: slack_channel
in: body
type: string
description: Slack channel to notify on completion.
steps:
- name: trigger-refresh
type: call
call: tableau.refresh-workbook
with:
site_id: '{{site_id}}'
workbook_id: '{{workbook_id}}'
- name: notify-bi-team
type: call
call: slack-bi.post-message
with:
channel: '{{slack_channel}}'
text: 'Tableau dashboard refresh completed: workbook {{workbook_id}}. Job {{trigger-refresh.job_id}} — Status: {{trigger-refresh.status}}.'
consumes:
- type: http
namespace: tableau
baseUri: https://tableau.verizon.com/api/2.8
authentication:
type: apikey
key: X-Tableau-Auth
value: $secrets.tableau_token
placement: header
resources:
- name: workbook-refresh
path: /sites/{{site_id}}/workbooks/{{workbook_id}}/refresh
inputParameters:
- name: site_id
in: path
- name: workbook_id
in: path
operations:
- name: refresh-workbook
method: POST
- type: http
namespace: slack-bi
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Pulls HubSpot email campaign metrics and posts a weekly marketing performance summary to the Verizon Business marketing Slack channel.
naftiko: '0.5'
info:
label: HubSpot Marketing Campaign Performance Digest
description: Pulls HubSpot email campaign metrics and posts a weekly marketing performance summary to the Verizon Business marketing Slack channel.
tags:
- marketing
- hubspot
- slack
- reporting
- campaigns
capability:
exposes:
- type: mcp
namespace: marketing-reporting
port: 8080
tools:
- name: digest-campaign-performance
description: Given a HubSpot campaign ID, fetch open rate, click rate, and conversion metrics, then post a formatted performance digest to the marketing Slack channel.
inputParameters:
- name: campaign_id
in: body
type: string
description: The HubSpot email campaign ID.
- name: slack_channel
in: body
type: string
description: Slack channel name or ID for the campaign digest.
steps:
- name: get-campaign-stats
type: call
call: hubspot.get-campaign-stats
with:
campaign_id: '{{campaign_id}}'
- name: post-digest
type: call
call: slack-marketing.post-message
with:
channel: '{{slack_channel}}'
text: 'Campaign Digest: {{get-campaign-stats.name}}. Sent: {{get-campaign-stats.numSent}}, Opens: {{get-campaign-stats.numOpened}} ({{get-campaign-stats.openRate}}%), Clicks: {{get-campaign-stats.numClicked}} ({{get-campaign-stats.clickRate}}%).'
consumes:
- type: http
namespace: hubspot
baseUri: https://api.hubapi.com/marketing/v3
authentication:
type: bearer
token: $secrets.hubspot_token
resources:
- name: campaigns
path: /emails/{{campaign_id}}/statistics/summary
inputParameters:
- name: campaign_id
in: path
operations:
- name: get-campaign-stats
method: GET
- type: http
namespace: slack-marketing
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves a CMDB configuration item.
naftiko: '0.5'
info:
label: ServiceNow CMDB Asset Lookup
description: Retrieves a CMDB configuration item.
tags:
- itsm
- asset-management
- servicenow
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: servicenow_cmdb_asset_lookup
description: Retrieves a CMDB configuration item.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-servicenow
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Queries Snowflake for spectrum utilization data, generates capacity report, and posts to spectrum planning.
naftiko: '0.5'
info:
label: Spectrum Utilization Report
description: Queries Snowflake for spectrum utilization data, generates capacity report, and posts to spectrum planning.
tags:
- network
- spectrum
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: spectrum_utilization_report
description: Queries Snowflake for spectrum utilization data, generates capacity report, and posts to spectrum planning.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Spectrum Utilization Report: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Spectrum Utilization Report for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Identifies Salesforce accounts with declining engagement scores from Snowflake and creates ServiceNow tasks for account managers to initiate retention outreach.
naftiko: '0.5'
info:
label: Salesforce Customer Churn Risk Alert
description: Identifies Salesforce accounts with declining engagement scores from Snowflake and creates ServiceNow tasks for account managers to initiate retention outreach.
tags:
- crm
- customer-success
- salesforce
- snowflake
- servicenow
- retention
capability:
exposes:
- type: mcp
namespace: churn-prevention
port: 8080
tools:
- name: flag-churn-risk-accounts
description: Query Snowflake for accounts with declining engagement scores and update Salesforce with churn risk flags, then create ServiceNow outreach tasks for account managers.
inputParameters:
- name: churn_score_threshold
in: body
type: number
description: Churn risk score threshold below which accounts are flagged (0-100).
- name: account_manager_group
in: body
type: string
description: ServiceNow assignment group for account manager outreach tasks.
steps:
- name: get-at-risk-accounts
type: call
call: snowflake-churn.execute-query
with:
statement: SELECT account_id, account_name, churn_score, last_activity_date FROM crm.account_health WHERE churn_score < {{churn_score_threshold}} ORDER BY churn_score ASC LIMIT 50
- name: create-outreach-task
type: call
call: servicenow-retention.create-task
with:
short_description: 'Churn risk outreach required: {{get-at-risk-accounts.count}} accounts below threshold {{churn_score_threshold}}'
description: Snowflake churn analysis identified accounts with risk scores below {{churn_score_threshold}}. Initiate retention outreach for each account.
assignment_group: '{{account_manager_group}}'
consumes:
- type: http
namespace: snowflake-churn
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: statements
path: /statements
operations:
- name: execute-query
method: POST
- type: http
namespace: servicenow-retention
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: tasks
path: /table/sc_task
operations:
- name: create-task
method: POST
When a Snowflake ETL pipeline fails, creates Jira ticket and notifies data engineering.
naftiko: '0.5'
info:
label: Data Pipeline Failure Recovery
description: When a Snowflake ETL pipeline fails, creates Jira ticket and notifies data engineering.
tags:
- data-engineering
- snowflake
- jira
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: data_pipeline_failure_recovery
description: When a Snowflake ETL pipeline fails, creates Jira ticket and notifies data engineering.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Data Pipeline Failure Recovery: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Data Pipeline Failure Recovery for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Coordinates DR test by creating Jira checklist, scheduling ServiceNow change window, and notifying all teams.
naftiko: '0.5'
info:
label: Disaster Recovery Test Coordination
description: Coordinates DR test by creating Jira checklist, scheduling ServiceNow change window, and notifying all teams.
tags:
- infrastructure
- disaster-recovery
- jira
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: disaster_recovery_test_coordination
description: Coordinates DR test by creating Jira checklist, scheduling ServiceNow change window, and notifying all teams.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Disaster Recovery Test Coordination: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Disaster Recovery Test Coordination for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Retrieves a Confluence page by ID.
naftiko: '0.5'
info:
label: Confluence Page Lookup
description: Retrieves a Confluence page by ID.
tags:
- collaboration
- confluence
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: confluence_page_lookup
description: Retrieves a Confluence page by ID.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-confluence
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
When GitHub finds a vulnerability, creates Jira ticket, opens ServiceNow change request, and alerts security.
naftiko: '0.5'
info:
label: IT Security Vulnerability Remediation
description: When GitHub finds a vulnerability, creates Jira ticket, opens ServiceNow change request, and alerts security.
tags:
- security
- github
- jira
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: it_security_vulnerability_remediation
description: When GitHub finds a vulnerability, creates Jira ticket, opens ServiceNow change request, and alerts security.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'IT Security Vulnerability Remediation: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'IT Security Vulnerability Remediation for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Routes enterprise deal approvals from Salesforce, validates pricing in Snowflake, and notifies leadership.
naftiko: '0.5'
info:
label: Enterprise Deal Approval Workflow
description: Routes enterprise deal approvals from Salesforce, validates pricing in Snowflake, and notifies leadership.
tags:
- sales
- enterprise
- salesforce
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: enterprise_deal_approval_workflow
description: Routes enterprise deal approvals from Salesforce, validates pricing in Snowflake, and notifies leadership.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Enterprise Deal Approval Workflow: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Enterprise Deal Approval Workflow for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Verifies contractor certifications, provisions site access via Okta, and notifies the safety team.
naftiko: '0.5'
info:
label: Contractor Safety Certification Check
description: Verifies contractor certifications, provisions site access via Okta, and notifies the safety team.
tags:
- ehs
- contractor-management
- okta
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: contractor_safety_certification_check
description: Verifies contractor certifications, provisions site access via Okta, and notifies the safety team.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Contractor Safety Certification Check: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Contractor Safety Certification Check for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Queries Workday for overdue training, creates ServiceNow ticket, and notifies managers.
naftiko: '0.5'
info:
label: Compliance Training Overdue Alert
description: Queries Workday for overdue training, creates ServiceNow ticket, and notifies managers.
tags:
- hr
- compliance
- workday
- servicenow
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: compliance_training_overdue_alert
description: Queries Workday for overdue training, creates ServiceNow ticket, and notifies managers.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'Compliance Training Overdue Alert: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'Compliance Training Overdue Alert for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
Uses Anthropic Claude to analyze network anomaly patterns from Snowflake and posts findings to network ops.
naftiko: '0.5'
info:
label: AI-Assisted Network Anomaly Detection
description: Uses Anthropic Claude to analyze network anomaly patterns from Snowflake and posts findings to network ops.
tags:
- network
- anthropic
- snowflake
- microsoft-teams
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: ai_assisted_network_anomaly_detection
description: Uses Anthropic Claude to analyze network anomaly patterns from Snowflake and posts findings to network ops.
inputParameters:
- name: entity_id
type: string
description: Primary entity identifier.
- name: context
type: string
description: Additional context.
steps:
- name: gather-data
type: call
call: snowflake.run-query
with:
entity_id: '{{entity_id}}'
context: '{{context}}'
- name: create-action
type: call
call: servicenow.create-incident
with:
short_description: 'AI-Assisted Network Anomaly Detection: {{entity_id}}'
description: 'Data: {{gather-data.results}}'
- name: notify-team
type: call
call: msteams.post-channel-message
with:
channel_id: $secrets.teams_ops_channel
text: 'AI-Assisted Network Anomaly Detection for {{entity_id}} | Action: {{create-action.number}}'
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
- type: http
namespace: servicenow
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: msteams
baseUri: https://graph.microsoft.com/v1.0
authentication:
type: bearer
token: $secrets.msgraph_token
resources:
- name: channel-messages
path: /teams/ops/channels/{{channel_id}}/messages
operations:
- name: post-channel-message
method: POST
When Splunk detects a high-severity security event, creates a CrowdStrike investigation, opens a ServiceNow security incident, and alerts the SOC via Slack.
naftiko: '0.5'
info:
label: Splunk Security Event Triage
description: When Splunk detects a high-severity security event, creates a CrowdStrike investigation, opens a ServiceNow security incident, and alerts the SOC via Slack.
tags:
- security
- splunk
- crowdstrike
- servicenow
- slack
- soc
capability:
exposes:
- type: mcp
namespace: soc-triage
port: 8080
tools:
- name: triage-security-event
description: Given a Splunk alert ID and affected host, create a CrowdStrike detection investigation, open a ServiceNow security incident, and notify the SOC Slack channel.
inputParameters:
- name: splunk_alert_id
in: body
type: string
description: The Splunk alert ID or search job SID.
- name: affected_host
in: body
type: string
description: Hostname or IP address of the affected system.
- name: event_type
in: body
type: string
description: Type of security event (e.g., malware, unauthorized_access, data_exfiltration).
- name: severity
in: body
type: string
description: 'Event severity: critical, high, medium, or low.'
steps:
- name: get-splunk-event
type: call
call: splunk.get-alert-results
with:
alert_id: '{{splunk_alert_id}}'
- name: create-cs-investigation
type: call
call: crowdstrike.create-detection
with:
hostname: '{{affected_host}}'
description: 'Splunk alert {{splunk_alert_id}}: {{event_type}} detected. Details: {{get-splunk-event.results}}'
- name: create-snow-incident
type: call
call: servicenow-soc.create-incident
with:
short_description: '[{{severity}}] Security event: {{event_type}} on {{affected_host}}'
description: 'Splunk alert {{splunk_alert_id}}. CrowdStrike detection: {{create-cs-investigation.detection_id}}. Host: {{affected_host}}.'
category: security
urgency: '1'
- name: alert-soc
type: call
call: slack-soc.post-message
with:
channel: soc-alerts
text: 'Security Event ({{severity}}): {{event_type}} on {{affected_host}}. CrowdStrike: {{create-cs-investigation.detection_id}}. ServiceNow: {{create-snow-incident.number}}.'
consumes:
- type: http
namespace: splunk
baseUri: https://splunk.verizon.com:8089/services
authentication:
type: bearer
token: $secrets.splunk_token
resources:
- name: alert-results
path: /search/jobs/{{alert_id}}/results
inputParameters:
- name: alert_id
in: path
operations:
- name: get-alert-results
method: GET
- type: http
namespace: crowdstrike
baseUri: https://api.crowdstrike.com
authentication:
type: bearer
token: $secrets.crowdstrike_token
resources:
- name: detections
path: /detects/entities/detects/v2
operations:
- name: create-detection
method: PATCH
- type: http
namespace: servicenow-soc
baseUri: https://verizon.service-now.com/api/now
authentication:
type: basic
username: $secrets.servicenow_user
password: $secrets.servicenow_password
resources:
- name: incidents
path: /table/incident
operations:
- name: create-incident
method: POST
- type: http
namespace: slack-soc
baseUri: https://slack.com/api
authentication:
type: bearer
token: $secrets.slack_bot_token
resources:
- name: messages
path: /chat.postMessage
operations:
- name: post-message
method: POST
Retrieves Okta user status by email.
naftiko: '0.5'
info:
label: Okta User Status Lookup
description: Retrieves Okta user status by email.
tags:
- identity
- okta
capability:
exposes:
- type: mcp
namespace: vz-ops
port: 8080
tools:
- name: okta_user_status_lookup
description: Retrieves Okta user status by email.
inputParameters:
- name: entity_id
type: string
description: Primary identifier.
call: primary.get-okta
with:
entity_id: '{{entity_id}}'
outputParameters:
- name: result
type: string
mapping: $.data
consumes:
- type: http
namespace: snowflake
baseUri: https://verizon.snowflakecomputing.com/api/v2
authentication:
type: bearer
token: $secrets.snowflake_token
resources:
- name: sql-statements
path: /statements
operations:
- name: run-query
method: POST
Score Breakdown — Total: 6620
Each row links to its full definition on the Naftiko Signal Groups page.
85 14 25 288 287 123 225 135 106 472 124 165 334 73 121 168 53 65 22 171 325 185 40 116 477 968 182 88 36 76 63 7 98 107 203 53 84 23 46 63 83Areas — Total: 1959
- .NET
- 3D
- 3D Graphics
- A/B Testing
- AI Agents
- AI Applications
- AI Architectures
- AI Governance
- AI Infrastructure
- AI Ops
- AI Platforms
- AI Securities
- AI Solutions
- AI Technologies
- AI Trainings
- API Design
- API Development
- API Gateways
- API Integrations
- API Testing
- Acceptance Testing
- Access Controls
- Access Management
- Accessibility
- Account Management
- Accountability
- Accounting
- Accounting Systems
- Accounts Payables
- Accounts Receivables
- Active Directory
- Active Directory Certificate Services
- Active Directory Domain Services
- Ad Management
- Ad Platforms
- Ad-teches
- Administration
- Administratives
- Advertising
- Advertising Platforms
- Advertising Technologies
- Agent Development
- Agent Frameworks
- Agentic AI
- Agentic Frameworks
- Agentic Systems
- Agentics
- Agents
- Alarm Systems
- Alerting
- Alerts
- Algorithm Design
- Algorithm Development
- Algorithm Implementations
- Algorithms
- Ambassadors
- Analysis
- Analytics
- Androids
- Animations
- Annotations
- Anomaly Detections
- Anti-Money Launderings
- Antivirus
- Apache Portable Runtimes
- Application Architectures
- Application Development
- Application Integrations
- Application Lifecycle Management
- Application Management
- Application Monitoring
- Application Performance Management
- Application Performance Monitoring
- Application Platforms
- Application Profilings
- Application Programming Interfaces
- Application Securities
- Application Servers
- Applications
- Architecture Design
- Architecture Governance
- Architectures
- Archives
- Argus
- Arrays
- Artemis
- Artificial Intelligence
- Artificial Intelligence/Machine Learning
- Assessment Tools
- Assessments
- Asset Inventories
- Asset Management
- Asset Managers
- Asset Tracking
- Assignments
- Asynchronous
- Audience Engagements
- Audience Segmentations
- Audio
- Audit Processes
- Audit Reports
- Audit Technologies
- Audit Tools
- Audit Trails
- Audits
- Australias
- Authentications
- Authorizations
- Auto Scaling
- Automated Testing
- Automated Testing Frameworks
- Automation
- Automation Platforms
- Automation Testing
- Automation Tools And Processes
- Automotive
- Autonomous Agents
- Autonomous Systems
- Autoscalings
- Awareness
- Axioms
- BI
- BPM
- Backend Development
- Backends
- Background Checks
- Backup And Recovery
- Backups
- Backward Compatibilities
- Banking
- Bashes
- Batch Processing
- Behavioral Analysis
- Benchmarkings
- Benchmarks
- Benefits Administration
- Best Practices
- Big Data
- Billings
- Bookings
- Border Controls
- Bots
- Bridges
- Broadcast Technologies
- Broadcastings
- Browser Compatibilities
- Browsers
- Budgetings
- Bug Tracking
- Build Automation
- Build Pipelines
- Build Systems
- Build Tools
- Building Automation
- Building Performances
- Building Securities
- Business
- Business Alignments
- Business Analysis
- Business Analytics
- Business Applications
- Business Continuities
- Business Excellence
- Business Intelligence
- Business Logics
- Business Management
- Business Models
- Business Operations
- Business Plannings
- Business Plans
- Business Process
- Business Process Management
- Business Solutions
- Business Strategies
- Business Tools
- Business Transformations
- Business to Consumers
- Business-to-Business
- CAD Software
- CI
- Caches
- Caching
- Calendars
- Cameras
- Campaign Management
- Capacity Management
- Capital Markets
- Career Development
- Case Laws
- Case Management
- Cash Management
- Catalog Management
- Catalogs
- Certificates
- Certifications
- Change Data Captures
- Change Management
- Chaos Engineering
- Charts
- Chatbots
- Chats
- Chemical Engineering
- Chromiums
- Cities
- Claims Processing
- Classification
- Client Communications
- Client Management
- Client Relations
- Client Relationship Management
- Client Services
- Client Solutions
- Clients
- Climate Changes
- Climates
- Cloud Access
- Cloud Architectures
- Cloud Computes
- Cloud Computing
- Cloud Computing Platforms
- Cloud Connectivity
- Cloud Data
- Cloud Databases
- Cloud Deployments
- Cloud Development
- Cloud Engineering
- Cloud Environments
- Cloud Infrastructure
- Cloud Integrations
- Cloud Management
- Cloud Migrations
- Cloud Natives
- Cloud Networking
- Cloud Operations
- Cloud Platforms
- Cloud Runs
- Cloud Securities
- Cloud Security Frameworks
- Cloud Security Posture Management
- Cloud Service Providers
- Cloud Services
- Cloud Software
- Cloud Solutions
- Cloud Storage
- Cloud Systems
- Cloud Technologies
- Cloud-Based
- Cloud-Based Data Platforms
- Cloud-based Solutions
- Cloud-native Architectures
- Cloud-native Development
- Cloud-native Platforms
- Cloud-native Services
- Cloud-native Solutions
- Cloud-native Tech
- Cloud-native Technologies
- Clouds
- Cluster Management
- Clustering
- Coals
- Code Analysis
- Code Assistants
- Code Coverages
- Code Generations
- Code Inspections
- Code Management
- Code Quality
- Code Refactorings
- Code Repositories
- Code Reviews
- Code Versioning Tools
- Codes
- Collaboration Tools
- Collaborations
- Collaborative Development
- Collaterals
- Collections
- Column-Oriented
- Command Lines
- Commerce
- Commercial Services
- Commodities
- Common Sense
- Communication Tools
- Communications
- Communities
- Community Engagements
- Compatibilities
- Competitive Analysis
- Competitive Intelligence
- Competitor Analysis
- Compilations
- Compilers
- Complex Systems
- Complexity Analysis
- Compliance
- Compliance Frameworks
- Compliance Management
- Compliance Monitoring
- Compliance Oversights
- Compliance Policies
- Compliance Tools
- Component Engineering
- Component Libraries
- Compressions
- Computations
- Computer Aided Design
- Computer Aided Engineering
- Computer Aided Manufacturing
- Computer Applications
- Computer Graphics
- Computer Sciences
- Computer Systems
- Computer Visions
- Computers
- Computes
- Computing
- Concurrencies
- Conferences
- Conferencings
- Configuration Management
- Configuration Management Tools
- Configurations
- Connectivity
- Connectors
- Construction
- Consulting Services
- Consultings
- Consumer Electronics
- Contact Centers
- Contacts
- Container Management
- Container Orchestration
- Container Securities
- Containerization
- Containerization Technologies
- Containerized Applications
- Containerized Deployments
- Containerized Environments
- Containers
- Content Creations
- Content Deliveries
- Content Delivery Networks
- Content Generations
- Content Management
- Content Management Systems
- Content Marketing
- Content Strategies
- Contents
- Contexts and Dependency Injections
- Continuous Deliveries
- Continuous Deployments
- Continuous Improvements
- Continuous Integration/Continuous Deployments
- Continuous Integrations
- Continuous Learning
- Continuous Monitoring
- Contract Management
- Contributions
- Control Algorithms
- Control Planes
- Control Systems
- Controllers
- Controls
- Conversational AI
- Coordinates
- Copywritings
- Core Systems
- Corporate Finances
- Corporate Learning
- Cost Accounting
- Cost Controls
- Cost Management
- Cost Optimizations
- Country-Specific
- Creative Productions
- Creative Suites
- Creative Tools
- Credentials
- Credit Applications
- Credit Cards
- Critical Thinkings
- Cross Platforms
- Cross-browser Compatibilities
- Cryptographies
- Cs
- Cultural Changes
- Currencies
- Custodies
- Custom Development
- Custom Software
- Custom Solutions
- Customer Analytics
- Customer Data
- Customer Data Platforms
- Customer Engagements
- Customer Experiences
- Customer Feedback
- Customer Intelligence
- Customer Journeys
- Customer Management
- Customer Onboardings
- Customer Relationship Management
- Customer Satisfactions
- Customer Segmentations
- Customer Service
- Customer Success
- Customer Support
- Customizations
- Customs
- Cyber Defenses
- Cyber Resiliences
- Cyber Securities
- Cyber Security Assessments
- Cybersecurities
- Cybersecurity Frameworks
- DNS, DHCP, and IP Address Management
- Dashboards
- Data
- Data Access
- Data Accessibility
- Data Acquisition
- Data Analysis
- Data Analysis Methods
- Data Analysis Software
- Data Analysis Techniques
- Data Analysis Tools
- Data Analytic Tools
- Data Analytics
- Data Analytics Platforms
- Data Analytics Tools
- Data Annotations
- Data Architectures
- Data Capabilities
- Data Captures
- Data Catalogs
- Data Center Infrastructure
- Data Center Operations
- Data Center Services
- Data Centers
- Data Cleanings
- Data Cleansing
- Data Collections
- Data Dashboards
- Data Distributions
- Data Engineering
- Data Enrichments
- Data Entries
- Data Exchanges
- Data Explorations
- Data Extractions
- Data Fabrics
- Data Factories
- Data Flows
- Data Governance
- Data Governance Frameworks
- Data Governance Policies
- Data Governance Tools
- Data Handling
- Data Import/Export
- Data Infrastructure
- Data Ingestions
- Data Insights
- Data Integrations
- Data Integrity
- Data Intelligence
- Data Interchange
- Data Interpretations
- Data Lakes
- Data Lineages
- Data Management
- Data Management Systems
- Data Management Tools
- Data Manipulations
- Data Migrations
- Data Mining
- Data Monitoring
- Data Movements
- Data Operations
- Data Orchestration
- Data Ownerships
- Data Parsings
- Data Persistences
- Data Pipelines
- Data Platforms
- Data Preparations
- Data Privacies
- Data Privacy Rules
- Data Processes
- Data Processing
- Data Processing Pipelines
- Data Products
- Data Profilings
- Data Protection
- Data Providers
- Data Quality
- Data Quality Frameworks
- Data Reconciliations
- Data Retentions
- Data Science Models
- Data Science Techniques
- Data Sciences
- Data Securities
- Data Services
- Data Sharing
- Data Stacks
- Data Storage
- Data Storage Systems
- Data Storytellings
- Data Strategies
- Data Streamings
- Data Structures
- Data Synchronizations
- Data Systems
- Data Technologies
- Data Tools
- Data Transfers
- Data Transformations
- Data Validation
- Data Visualisations
- Data Visualization Tools
- Data Visualizations
- Data Warehouses
- Data Warehousing
- Data Wranglings
- Data and Analytics
- Data-Driven
- Data-Driven Development
- Data-driven Decision Making
- Data-driven Insights
- Data-driven Optimizations
- Database Administration
- Database Architectures
- Database Design
- Database Management
- Database Management Tools
- Database Optimizations
- Database Systems
- Database Technologies
- Database Tuning
- Databases
- Debuggings
- Decision Making
- Decision Support
- Decision Support Systems
- Deep Learning
- Defis
- Deliveries
- Dependencies
- Dependency Management
- Dependency Mappings
- Dependency Tracking
- Deployment Automation
- Deployment Pipelines
- Deployment Plannings
- Deployment Practices
- Deployment Strategies
- Deployment Tools
- Deployments
- Derbies
- Derivatives
- Design
- Design Guidelines
- Design Principles
- Design Reviews
- Design Software
- Design Systems
- Design Thinkings
- Design Tools
- Design Validation
- Desktop Applications
- Desktop Software
- Desktops
- DevOps Practices
- Developer Experiences
- Developer Productivity Tools
- Developer Tools
- Development
- Development Lifecycle
- Development Platforms
- Development Practices
- Development Process
- Development Software
- Development Tools
- Device Drivers
- Device Management
- Diagnostic Tools
- Diagnostics
- Diagrammings
- Digital Advertising
- Digital Channels
- Digital Commerce
- Digital Contents
- Digital Experiences
- Digital Marketing
- Digital Media
- Digital Operations
- Digital Products
- Digital Rights
- Digital Services
- Digital Solutions
- Digital Strategies
- Digital Systems
- Digital Technologies
- Digital Tools
- Digital Transformations
- Digital Twins
- Digital Wallets
- Digitals
- Directed Acyclic Graphs
- Directory
- Directory Services
- Disaster Recovery
- Discontinued
- Distributed
- Distributed Applications
- Distributed Caches
- Distributed Computing
- Distributed Data Processing
- Distributed Databases
- Distributed Environments
- Distributed Systems
- Distributed Tracing
- Distributed Trainings
- Distribution Systems
- Distributions
- Document Object Models
- Documentations
- Documents
- Domain Adaptations
- Drift Detections
- Due Diligences
- Dynamic Application Security Testing
- Dynamic Contents
- Dynamic Models
- Dynamics
- E-commerces
- E-learnings
- E-mails
- E-procurements
- ERP
- ESB
- Ecommerces
- Economic Analysis
- Economic Data
- Economics
- Ecosystems
- Edge Computing
- Ediscoveries
- Educational Software
- Educational Technologies
- Educations
- Efficiencies
- Elections
- Electric Vehicles
- Electrical Infrastructure
- Electronic Communications
- Electronic Data Interchange
- Electronics
- Email Marketing
- Emails
- Embedded Systems
- Embeddings
- Emergency Responses
- Employee Benefits
- Employee Development
- Employee Engagements
- Employee Experiences
- Employment
- Enablement
- Encryptions
- End To End
- End-to-end Testing
- Endpoint Management
- Endpoint Securities
- Energies
- Energy Efficiencies
- Energy Management
- Engineering
- Enterprise AI
- Enterprise Applications
- Enterprise Architectures
- Enterprise Automation
- Enterprise Data
- Enterprise IT
- Enterprise Risks
- Enterprise Securities
- Enterprise Software
- Enterprise Solutions
- Enterprise Systems
- Enterprise Technologies
- Enterprises
- Entertainment Systems
- Entertainments
- Entrepreneurships
- Environment Management
- Equipments
- Equities
- Error Handling
- Error Tracking
- Estimations
- Ethics
- Evaluation Frameworks
- Evaluations
- Event Driven
- Event Handling
- Event Management
- Event Plannings
- Event Processing
- Event Registrations
- Event Streamings
- Events
- Examples
- Excels
- Executions
- Executive Reportings
- Expense Management
- Experimentations
- Exploitations
- Exploratory Data Analysis
- Extended Detection and Responses
- Extensions
- External Dependencies
- External Systems
- Extract Transform Loads
- Facilities Management
- Fault Tolerances
- Fault Tolerants
- Feature Engineering
- Feature Enhancements
- Feature Stores
- Federations
- Feedback
- Feedback Controls
- Finances
- Financial Accounting
- Financial Analysis
- Financial Crimes
- Financial Data
- Financial Management
- Financial Modeling
- Financial Models
- Financial Operations
- Financial Plannings
- Financial Policies
- Financial Reportings
- Financial Researches
- Financial Securities
- Financial Services
- Financial Software
- Financial Systems
- Fine-tunings
- Firewall Traversals
- Firewalls
- Firmwares
- Flashes
- Flexibilities
- Flexible Workings
- Flinks
- Floor Plannings
- Forecasting
- Forecasting Models
- Foreign Exchanges
- Forexes
- Forge
- Form Validation
- Formal Verifications
- Formatting Objects Processors
- Forms
- Foundations
- Frameworks
- Fraud Detection Systems
- Fraud Detection Tools
- Fraud Detections
- Fraud Preventions
- Frenches
- Front-ends
- Frontend Development
- Frontend Frameworks
- Frontends
- Full Stack Development
- Full Stacks
- Functional Testing
- Functions
- Futures
- Game Developers
- Game Development
- Game Engines
- Game Publishers
- Gamings
- Gateways
- General Ledgers
- Generative AI
- Generative Modeling
- Generative Models
- Geographies
- Geolocations
- Geospatials
- GitHub Copilots
- Global Markets
- Global Positioning Systems
- Globalizations
- Goal Settings
- Google Cloud Functions
- Governance
- Governance And Controls
- Governance Frameworks
- Governance Tools
- Government
- Government Policies
- Graphic Design
- Graphical User Interfaces
- Graphics
- Graphics Processing Units
- Graphs
- Green Buildings
- HCM
- HR Tech
- HR Technologies
- HTTP Servers
- Hadoop Distributed File Systems
- Hardenings
- Hardware
- Hardware Optimizations
- Hardware Testing
- Hbases
- Healthcare
- Heating, Ventilation, and Air Conditionings
- Help Desks
- High Availabilities
- High Frequency Data
- High Performance Computing
- High Performances
- High Throughputs
- Hirings
- Hospitality
- Hosting
- Human Resources
- Human-Centered Design
- Hybrid Clouds
- Hypervisors
- Hypothesis Testing
- IT Architectures
- IT Audits
- IT Infrastructure
- IT Management
- IT Operations
- IT Plannings
- IT Platforms
- IT Risks
- IT Service Management
- IT Services
- IT Strategies
- Ideas
- Ideations
- Identities
- Identity And Access Management
- Identity Management
- Image Generations
- Image Processing
- Implementations
- In Memories
- Incident Management
- Incident Response Management
- Incident Responses
- Inclusive Design
- Incubation
- Indexings
- Industrial Automation
- Industrial Engineering
- Industrial Iots
- Inference Optimizations
- Inferences
- Information Architectures
- Information Design
- Information Management
- Information Retrievals
- Information Securities
- Information Security Frameworks
- Information Sharing
- Information Systems
- Information Technologies
- Infrastructure
- Infrastructure As Codes
- Infrastructure Components
- Infrastructure Management
- Infrastructure Securities
- Innovation
- Input Validation
- Insights
- Inspections
- Instant Messaging
- Instrumentations
- Insurances
- Integrated Development Environments
- Integrated Solutions
- Integration Frameworks
- Integration Platforms
- Integration Strategies
- Integration Testing
- Integration Tests
- Integration Workflows
- Integrations
- Integrity
- Intellectual Properties
- Intelligence
- Intelligent Systems
- Interactive Contents
- Interactive Media
- Interactive Voice Responses
- Interactives
- Interface Design
- Interfaces
- Internal Audits
- Internal Communications
- Internal Controls
- Internal Databases
- Internal Platforms
- Internal Systems
- Internal Tools
- International Laws
- International Relations
- International Trades
- Internet
- Internet Applications
- Internet Technologies
- Internet of Things
- Interoperabilities
- Intranets
- Intrusion Detection Systems
- Intrusion Detections
- Inventory Management
- Investment Banking
- Investments
- Investor Relations
- Invoice Processing
- Isolations
- Issue Tracking
- Ivies
- Java Virtual Machines
- Job Scheduling
- Journalism
- Journey Mappings
- Kernel Development
- Kernels
- Key Management
- Key Metrics
- Key Values
- Knowledge Bases
- Knowledge Graphs
- Knowledge Management
- Knowledge Sharing
- LLM
- Language Understandings
- Large Data Sets
- Large Datasets
- Large Language Models
- Large-scale Distributed Systems
- Launch Strategies
- Law Enforcements
- Layer 2S
- Lead Generations
- Lead Management
- Leaderships
- Learning
- Learning And Development
- Learning Technologies
- Ledgers
- Legacy Systems
- Legal
- Legal Compliances
- Legal Frameworks
- Legal Researches
- Lessons Learned
- Libraries
- License Compliances
- Licensings
- Lifecycle Management
- Lightings
- Linear Algebras
- Live Streamings
- Load Balancers
- Load Balancings
- Load Testing
- Localizations
- Log Analysis
- Log Analytics
- Log Collections
- Log Integrations
- Log Management
- Logging
- Logistic Regressions
- Logistics
- Low Codes
- Low Latencies
- Low-Code Platforms
- Lunar Missions
- M&AS
- ML Algorithms
- ML Engineering
- Machine Learning
- Machine Learning Algorithms
- Machine Learning Engineering
- Machine Learning Frameworks
- Machine Learning Models
- Machine Learning Platforms
- Machine Learning Systems
- Mails
- Maintenance
- Managed Services
- Management
- Management Information
- Management Software
- Management Systems
- Management Tools
- Manual Processes
- Manual Testing
- Manufacturing
- Mappings
- Market Analysis
- Market Information
- Market Intelligence
- Market Researches
- Market Risks
- Marketing
- Marketing Analytics
- Marketing Automation
- Marketing Platforms
- Marketing Strategies
- Marketing Technologies
- Marketing Tools
- Marketplace Platforms
- Marketplaces
- Markets
- Massively Parallel Processing
- Master Data
- Master Data Management
- Material Handling
- Mathematical Modeling
- Mathematics
- Matrixes
- Measurements
- Mechanical Systems
- Media
- Media Contents
- Media Monitoring
- Media Productions
- Mediations
- Medical Devices
- Meeting Management
- Meetings
- Memory Management
- Mental Healths
- Mentoring
- Mergers And Acquisitions
- Meridians
- Message Queues
- Messaging
- Messaging Platforms
- Messaging Systems
- Metadata
- Metadata Management
- Metrics
- Micro-services
- Microcontrollers
- Microservices
- Microsoft Access
- Middlewares
- Migration Plannings
- Migrations
- Mission Critical
- Mobile Applications
- Mobile Apps
- Mobile Development
- Mobile Devices
- Mobile Operating Systems
- Mobile Technologies
- Mobiles
- Mockings
- Mocks
- Model Adaptations
- Model Architectures
- Model Calibrations
- Model Compressions
- Model Context Protocols
- Model Context Protocols (MCP)
- Model Deployments
- Model Development
- Model Efficiencies
- Model Evaluations
- Model Fine-tunings
- Model Governance
- Model Lifecycle Management
- Model Monitoring
- Model Optimizations
- Model Orchestration
- Model Performance
- Model Servings
- Model Trainings
- Model Validation
- Model Versionings
- Modeling
- Modeling Tools
- Modernizations
- Modularity
- Monetizations
- Monitoring
- Monitoring Tools
- Monte Carloes
- Multi-Agent Systems
- Multi-Factor Authentications
- Multi-channels
- Multi-platforms
- Multi-regions
- Multimedia Platforms
- Multimedias
- Multimodal AI
- Multimodals
- Multiple Systems
- NLP
- Natural Language Processing
- Navigation
- Negotiations
- Network Analysis
- Network Architectures
- Network Automation
- Network Configurations
- Network Design
- Network Devices
- Network Diagnostics
- Network Engineering
- Network Infrastructure
- Network Management
- Network Monitoring
- Network Optimizations
- Network Performance
- Network Programming
- Network Securities
- Network Tools
- Network Topologies
- Networking
- Neural Networks
- Neurodiversities
- New Tabs
- News
- Newsletters
- No Codes
- NoSQL
- Nonprofits
- Notebooks
- Notifications
- Numerical Computing
- OIA
- OLE for Process Controls
- ORM
- OSX
- Object-Oriented
- Observability
- Observability Stacks
- Observability Tools
- Office Suites
- Omnichannels
- On Demands
- Onboardings
- Online Advertising
- Online Banking
- Online Learning
- Online Services
- Online Tools
- Open Source
- Open-Source Software
- Open-Source Solutions
- Open-source Technologies
- Open-source Tools
- Operating Systems
- Operational Efficiencies
- Operational Excellence
- Operational Intelligence
- Operational Metrics
- Operational Practices
- Operational Resiliences
- Operational Risks
- Operational Safety
- Operational Systems
- Operational Technologies
- Operations
- Operations Management
- Operations Researches
- Operators
- Optical Character Recognitions
- Optimization Techniques
- Optimizations
- Options
- Orchestration
- Order Executions
- Order Management
- Order Management Systems
- Organizational Changes
- Organizational Design
- Organizational Development
- Organizational Structures
- Organizations
- Outlier Detections
- Package Managers
- Packages
- Packaging
- Packet Captures
- Packet Loss
- Paid Media
- Pair Programming
- Panoramas
- Parallel Computing
- Patch Management
- Pattern Recognitions
- Patterns
- Pay Per Clicks
- Payment Models
- Payment Processing
- Payment Systems
- Payments
- Payroll
- Penetration Testing
- Performance
- Performance Analysis
- Performance Engineering
- Performance Evaluations
- Performance Improvements
- Performance Management
- Performance Marketing
- Performance Measurements
- Performance Metrics
- Performance Monitoring
- Performance Optimizations
- Performance Testing
- Performance Tracking
- Performance Tuning
- Persistences
- Personalizations
- Photographies
- Physical Securities
- Pigs
- Pipeline Management
- Pipelines
- Pivot Tables
- Plannings
- Platform Development
- Platform Ecosystems
- Platform Engineering
- Platform Management
- Platform Securities
- Platform Services
- Platform Software
- Platform Solutions
- Platform Strategies
- Platform Systems
- Platforms
- Plugins
- Point Of Sales
- Policies
- Policy As Codes
- Policy Enforcements
- Policy Management
- Political Engagements
- Portabilities
- Portables
- Portals
- Portfolio Management
- Postmortems
- Power Distributions
- Power Generations
- Power Plants
- Power Tools
- Predictabilities
- Predictions
- Predictive Analytics
- Predictive Modeling
- Presentation Software
- Presentations
- Pricing Models
- Pricing Strategies
- Pricing Tools
- Pricings
- Prioritizations
- Privacy
- Private Clouds
- Probabilities
- Problem Management
- Problem Resolutions
- Problem Solving
- Process Analysis
- Process Automation
- Process Controls
- Process Design
- Process Documentations
- Process Engineering
- Process Frameworks
- Process Improvements
- Process Management
- Process Mappings
- Process Maps
- Process Mining
- Process Monitoring
- Process Optimizations
- Process Streamlinings
- Processes
- Procurement Tools
- Procurements
- Product Areas
- Product Design
- Product Development
- Product Development Lifecycle
- Product Lifecycle Management
- Product Management
- Product Masters
- Product Owners
- Product Ownerships
- Product Roadmaps
- Product Securities
- Product Strategies
- Production
- Production Deployments
- Production Environments
- Production Monitoring
- Production Support
- Production Systems
- Productivity
- Productivity Tools
- Products
- Professional Development
- Professional Services
- Profilings
- Program Management
- Programmable Logic Controllers
- Programming
- Programming Languages
- Progress Reports
- Project Closeouts
- Project Management
- Project Management Tools
- Project Schedules
- Projects
- Prompt Engineering
- Promptings
- Prompts
- Property Management
- Proprietary Software
- Protection
- Protocols
- Prototype Development
- Prototyping
- Provisioning Process
- Provisionings
- Proxies
- Prunings
- Psychologies
- Public Affairs
- Public Clouds
- Public Key Infrastructure
- Purchasings
- QA
- QA Process
- Quality Assurance
- Quality Assurance Processes
- Quality Assurance Testing
- Quality Controls
- Quality Frameworks
- Quality Management
- Quality Metrics
- Quality Testing
- Quality Tools
- Quantitative Analysis
- Quantitative Modeling
- Query Languages
- Queues
- Random Processes
- Rapid Prototyping
- Ratings
- Reactives
- Real Estates
- Real Time
- Real-Time Communications
- Real-Time Operating Systems
- Real-time Analytics
- Real-time Applications
- Real-time Data
- Real-time Environments
- Real-time Inferences
- Real-time Insights
- Real-time Monitoring
- Real-time Operations
- Real-time Processing
- Real-time Rendering
- Real-time Systems
- Real-time Visibility
- Reasonings
- Recipes
- Reconciliations
- Reconnaissances
- Record Keepings
- Recordings
- Records Management
- Recruitings
- Recruitment
- Reference Models
- Registrations
- Regression Analysis
- Regression Testing
- Regulatory Compliances
- Reinforcement Learning
- Relational Data
- Relational Database Management Systems
- Relational Databases
- Relationals
- Relationship Buildings
- Relationship Management
- Release Activities
- Release Engineering
- Release Management
- Release Management Processes
- Release Pipelines
- Release Plannings
- Release/Deployment
- Reliabilities
- Reliability Engineering
- Remote Access
- Remote Desktops
- Remote Learning
- Remote Works
- Rendering
- Renewable Energies
- Replications
- Reporting And Analytics
- Reporting Frameworks
- Reporting Mechanisms
- Reporting Platforms
- Reporting Solutions
- Reporting Systems
- Reporting Tools
- Reportings
- Requirements
- Requirements Engineering
- Requirements Gatherings
- Requirements Management
- Research
- Research Data
- Resiliences
- Resiliency
- Resilient Systems
- Resource Allocations
- Resource Management
- Resource Plannings
- Resource Scheduling
- Responsive Design
- Rest Assured
- Retails
- Reusable Components
- Revenue Generations
- Revenue Models
- Revenue Operations
- Revenue Strategies
- Revenues
- Review And Approvals
- Reviews
- Rich Internet Applications
- Risk Analysis
- Risk Assessments
- Risk Management
- Roadmappings
- Robotic Process Automation
- Robotics
- Robustness
- Root Cause Analysis
- Routers
- Routings
- Rule-Based Systems
- Runtime Environments
- Runtimes
- SQL Databases
- SQL Queries
- Safes
- Safety
- Safety Engineering
- Sales
- Sales Analytics
- Sales Analytics Tools
- Sales Automation
- Sales Enablement
- Sales Management
- Sales Tools
- Sales Trainings
- Sanctions
- Sanctions Compliances
- Sandboxes
- Sanity Testing
- Scalabilities
- Scaling
- Scannings
- Scenario Analysis
- Scenario Modeling
- Scenarios
- Scheduling
- Scientific Computing
- Scorings
- Screen Recordings
- Screenings
- Scripting Languages
- Scriptings
- Search
- Search Engine Optimizations
- Search Engines
- Secrets Management
- Secure Architectures
- Secure Coding Practices
- Secure Codings
- Secure Communications
- Secure Configurations
- Secure Design
- Secure Development
- Secure Software Development
- Security
- Security Administration
- Security Alarms
- Security Architecture Reviews
- Security Architectures
- Security Assessments
- Security Audits
- Security Automation
- Security Best Practices
- Security Compliances
- Security Controls
- Security Design
- Security Development Lifecycle
- Security Engineering
- Security Frameworks
- Security Governance
- Security Groups
- Security Incident Responses
- Security Information and Event Management
- Security Management
- Security Measures
- Security Monitoring
- Security Operations
- Security Orchestration, Automation and Responses
- Security Patchings
- Security Platforms
- Security Policy Management
- Security Procedures
- Security Requirements
- Security Reviews
- Security Risk Assessments
- Security Solutions
- Security Systems
- Security Testing
- Security Tools
- Segmentations
- Self Services
- Self-healings
- Semantic Searches
- Sensors
- Serializations
- Serverless
- Serverless Architectures
- Servers
- Service Assurance
- Service Bus
- Service Catalogs
- Service Deliveries
- Service Design
- Service Desks
- Service Management
- Service Meshes
- Service Operations
- Service Strategies
- Services
- Settlements
- Shared Responsibilities
- Shells
- Shippings
- Short Message Services
- Signal Processing
- Simulation Environments
- Simulation Modeling
- Simulation Platforms
- Simulation Tools
- Simulations
- Simulators
- Site Reliability Engineering
- Skill Development
- Skills Development
- Slides
- Smart Homes
- Smartphones
- Smoke Testing
- Social
- Social Media
- Social Media Marketing
- Software
- Software Applications
- Software Architectures
- Software Bill Of Materials
- Software Composition Analysis
- Software Configuration Management
- Software Configurations
- Software Deliveries
- Software Deployments
- Software Design
- Software Development
- Software Development Best Practices
- Software Development Kits
- Software Documentations
- Software Engineering
- Software Infrastructure
- Software Interfaces
- Software Languages
- Software Licensings
- Software Management
- Software Platforms
- Software Projects
- Software Quality
- Software Reviews
- Software Solutions
- Software Supply Chain Securities
- Software Systems
- Software Technologies
- Software Testing
- Software Tools
- Software Troubleshooting
- Software Version Controls
- Software-as-a-Service
- Solutions
- Source Code Management
- Source Code Management Tools
- Source Codes
- Source Control Management
- Source Controls
- Sourcings
- Space Explorations
- Spend Management
- Spreadsheets
- Stakeholder Management
- Startups
- State Machines
- State Management
- Static Analysis
- Static Application Security Testing
- Static Routings
- Statistical Analysis
- Statistical Inferences
- Statistical Methods
- Statistical Modeling
- Statistical Modellings
- Statistical Models
- Statistical Packages
- Statistical Techniques
- Statistics
- Stochastic Processes
- Storage
- Storage Engines
- Storage Management
- Stored Procedures
- Strategic Design
- Strategic Plannings
- Strategies
- Streaming Data
- Streamings
- Stress Testing
- Structured Data
- Subscription Models
- Supervised Learning
- Supplier Contracts
- Supplier Management
- Supply Chain Management
- Supply Chain Securities
- Supply Chains
- Support
- Support Platforms
- Support Systems
- Surveillances
- Sustainability
- Switches
- System Administration
- System Analysis
- System Applications
- System Architectures
- System Automation
- System Configurations
- System Design
- System Development
- System Enhancements
- System Implementations
- System Integrations
- System Libraries
- System Management
- System Monitoring
- System Of Records
- System Operations
- System Optimizations
- System Performances
- System Programming
- System Requirements
- System Securities
- System Services
- System Software
- System Solutions
- System Stabilities
- System Testing
- System Tests
- System Tools
- System Updates
- Systems
- Systems Administration
- Systems Analysis
- Systems Architectures
- Systems Design
- Systems Development
- Systems Engineering
- Systems Enhancements
- Systems Integrations
- Systems Management
- Systems Programming
- Systems Software
- Systems Testing
- Systems Thinkings
- T1S
- Tablets
- Tag Management
- Tainas
- Talent Acquisition
- Talent Management
- Task Management
- Tasks
- Tax Compliances
- Tax Laws
- Tax Plannings
- Tax Researches
- Tax Software
- Taxes
- Tcls
- Team Collaborations
- Team Communications
- Team Development
- Team Management
- Technical Debt
- Technical Reviews
- Technical Support
- Technical Writings
- Technologies
- Technology Adoptions
- Technology Architectures
- Technology Governance
- Technology Plannings
- Technology Platforms
- Technology Services
- Technology Stacks
- Technology Strategies
- Technology Upgrades
- Telecommunications
- Telemetry
- Telephonies
- Telewerkens
- Terminals
- Territory Management
- Test Anything Protocols
- Test Automation
- Test Automation Frameworks
- Test Automation Tools
- Test Controls
- Test Design
- Test Engineering
- Test Environments
- Test Equipments
- Test Executions
- Test Plannings
- Test Reportings
- Test Strategies
- Test Tools
- Testing Frameworks
- Testing Strategies
- Testing Tools
- Tests
- Text Extractions
- Third Parties
- Third Party Risks
- Third-Party Software
- Third-party Data
- Third-party Risk Management
- Threat Analysis
- Threat Detections
- Threat Huntings
- Threat Intelligence
- Threat Modeling
- Threat Monitoring
- Threat Preventions
- Ticketing
- Ticketing Systems
- Tickets
- Time Management
- Time Series
- Time Series Analysis
- Time Series Forecasting
- Timelines
- Tokenizations
- Tokens
- Tools
- Total Rewards
- Tracing
- Tracking
- Tracking Software
- Tracs
- Trade Compliances
- Trade Shows
- Tradings
- Traffic Analysis
- Training Data
- Training Platforms
- Trainings
- Transaction Management
- Transfer Learning
- Transformations
- Transformers
- Translations
- Transparency
- Transportation
- Travel Management
- Travels
- Traversals
- Treasuries
- Treasury Management
- Treasury Operations
- Troubleshooting
- Tuning
- UI
- UI Design
- UX
- UX Design
- Ubixes
- Underwritings
- Unified Communications
- Unit Testing
- Unixes
- Unstructured Data
- Unsupervised Learning
- Updates
- Uptime
- Usabilities
- Usability Testing
- User Acceptance Testing
- User Engagements
- User Experiences
- User Feedback
- User Forums
- User Guides
- User Interface/User Experiences
- User Interfaces
- User Journeys
- User Management
- User Researches
- User Testing
- Utilities
- VBA
- VOIP
- Validation
- Validation Frameworks
- Validation Rules
- Validation Tools
- Validation and Testing
- Valuations
- Value Streams
- Vector Databases
- Vector Graphics
- Vector Stores
- Vehicle Repairs
- Vendor Management
- Venture Capital
- Venue Selections
- Venues
- Verifications
- Version Control Systems
- Version Controls
- Versionings
- Video Calls
- Video Chats
- Video Conferences
- Video Conferencings
- Video Encodings
- Video Platforms
- Video Processing
- Video Productions
- Video Software
- Videogespreks
- Videos
- Virtual Assistants
- Virtual Environments
- Virtual Events
- Virtual Machines
- Virtual Meetings
- Virtual Networks
- Virtualizations
- Visibility
- Visioconférences
- Visual Analytics
- Visual Design
- Visualizations
- Voice
- Voice Over IP
- Voice Recognitions
- Votings
- Vues
- Vulnerability Analysis
- Vulnerability Assessments
- Vulnerability Management
- Vulnerability Scanners
- Vulnerability Scannings
- Wallets
- Warehouse Management
- Web Analytics
- Web Applications
- Web Based
- Web Browsers
- Web Components
- Web Development
- Web Filterings
- Web Frameworks
- Web Interfaces
- Web Performances
- Web Platforms
- Web Proxies
- Web Securities
- Web Servers
- Web Services
- Web Sites
- Web Technologies
- Web-based Applications
- Web-based Platforms
- Webinars
- Webs
- Wellbeings
- Whiteboards
- Wi-Fi
- Wikis
- Windows Servers
- Wins
- Words
- Work From Homes
- Workflow Automation
- Workflow Design
- Workflow Enhancements
- Workflow Management
- Workflow Optimizations
- Workflow Orchestration
- Workflow Systems
- Workflow Tools
- Workflows
- Workforce Management
- Working Capital
- Workload Orchestration
- Workshops
- Workspaces
- Zero Touches
Services — Total: 333
- ADP
- AWS Lambda
- Adobe
- Adobe Acrobat
- Adobe Analytics
- Adobe Campaign
- Adobe Captivate
- Adobe Creative Cloud
- Adobe Creative Suite
- Adobe Experience Cloud
- Adobe Illustrator
- Adobe Launch
- Adobe Photoshop
- Adobe Premiere Pro
- Adobe Suite
- Alteryx
- Amazon API Gateway
- Amazon ECS
- Amazon Kinesis
- Amazon Redshift
- Amazon S3
- Amazon SNS
- Amazon SQS
- Amazon SageMaker
- Amazon Web Services
- Ambassador
- Android
- Ansible Automation Platform
- Anthropic
- Apache Airflow
- Apache Software Foundation
- Apple
- Apple Keynote
- Apple Safari
- Argus Enterprise
- Artifactory
- Aruba
- Asana
- Atlassian
- AutoCAD
- Autodesk Fusion 360
- Autodesk Maya
- Azure Active Directory
- Azure Data Factory
- Azure Databricks
- Azure DevOps
- Azure Event Hubs
- Azure Functions
- Azure Key Vault
- Azure Kubernetes Service
- Azure Log Analytics
- Azure Machine Learning
- Azure Monitor
- Azure Networking
- Azure Pipelines
- Azure Service Bus
- Azure Synapse Analytics
- Azure Virtual Desktop
- BigCommerce
- Bitbucket
- Bloomberg
- Bloomberg AIM
- Bloomberg Economics
- Bloomberg Enterprise Data
- Bloomberg Intelligence
- Bloomberg News
- Bloomberg Professional Service
- Bloomberg TV
- Bloomberg Television and Radio
- Bloomberg Tradebook
- Boomi
- Box
- Broadcom
- Brocade
- Bruno
- Burp Suite
- Canva
- ChatGPT
- Cilium
- Circana
- Cisco
- Cisco Catalyst Center
- Cisco Expressway
- Cisco Firepower
- Cisco Hardware
- Cisco Nexus
- Cisco Voice Portal
- Cisco Webex
- Citrix
- Citrix NetScaler
- Claude
- CloudFormation
- CloudWatch
- Cloudflare
- Concur
- Conductor
- Confluence
- Cortex
- Crystal Reports
- Databricks
- Datadog
- DocuSign
- DynamoDB
- Dynatrace
- EC2
- EMC
- F5 Load Balancer
- F5 Networks
- Facebook Ads
- FactSet
- Fern
- Figma
- ForgeRock
- Fortify
- Fortinet
- Fusio
- G2
- GCP Cloud Storage
- Gemini
- GitHub
- GitHub Actions
- GitHub Copilot
- GitLab
- Gong
- Google Ads
- Google Analytics
- Google Android
- Google Apps Script
- Google Campaign Manager
- Google Chrome
- Google Cloud Dataflow
- Google Cloud Platform
- Google Docs
- Google Drive
- Google Forms
- Google Maps
- Google Marketing Platform
- Google Optimize
- Google Search Console
- Google Sheets
- Google Slides
- Google Tag Manager
- Google Workspace
- Harness
- HubSpot
- Hugging Face
- Hunter
- Hvault
- IBM
- Infoblox
- Informatica
- Informática
- IntelliJ IDEA
- International Business Machines
- Intuit
- Istio
- JFrog
- JFrog Artifactory
- Jira
- Juniper
- Juniper Networks
- Kinesis
- Knit
- Kong
- Kuma
- Lambda
- Lightroom
- Linkerd
- Looker
- MATLAB
- MailChimp
- Make
- Mastercard
- Maya
- McAfee
- Merge
- Meta
- Metasploit
- Microsoft
- Microsoft .NET
- Microsoft 365
- Microsoft Access
- Microsoft Azure
- Microsoft Bicep
- Microsoft Configuration Manager
- Microsoft Copilot
- Microsoft Defender
- Microsoft Dynamics 365
- Microsoft Edge
- Microsoft Endpoint Configuration Management
- Microsoft Endpoint Manager
- Microsoft Entity Framework
- Microsoft Entra
- Microsoft Excel
- Microsoft Graph
- Microsoft Identity Manager
- Microsoft Intune
- Microsoft Office
- Microsoft Office 365
- Microsoft Outlook
- Microsoft Planner
- Microsoft Power Automate
- Microsoft Power Platform
- Microsoft PowerPoint
- Microsoft Project
- Microsoft Purview
- Microsoft Sentinel
- Microsoft Teams
- Microsoft Visio
- Microsoft Windows
- Microsoft Windows 10
- Microsoft Windows Mobile
- Microsoft Windows Server
- Microsoft Word
- Moody's
- Navision
- Nessus
- NetApp
- Netcool
- New Relic
- Notion
- Ollama
- OpenAI
- OpenAI APIs
- OpenShift
- Oracle
- Oracle APEX
- Oracle Cloud
- Oracle E-Business Suite
- Oracle Enterprise Manager
- Oracle Financials
- Oracle GoldenGate
- Oracle Hyperion
- Oracle Integration
- Oracle R12
- Oracle Smart View
- Oracle WebLogic
- Orion
- Palo Alto Networks
- Panora
- Paradox
- Paw
- PeopleSoft
- Perforce
- Perplexity
- Photoshop
- Pluralsight
- Port
- Postman
- Power BI
- Power Platform
- Power Query
- Prisma
- Productiv
- Pulse
- Qlik
- Qlik Sense
- Qlik Sense Enterprise
- QlikSense
- QlikView
- Qube
- ReadMe
- Red Hat
- Red Hat Ansible Automation Platform
- Red Hat Enterprise Linux
- Red Hat Satellite
- SAP
- SAP BW
- SAP Concur
- SAP HANA
- SQL Server
- SailPoint
- Salesforce
- Salesforce Automation
- Salesforce Einstein
- Salesforce Experience Cloud
- Salesforce Lightning
- Scalar
- ServiceNow
- SharePoint
- Shell
- SimCorp Dimension
- Slack
- Snowflake
- SolarWinds
- Solaris
- Solaris Zones
- Sparx Enterprise Architect
- Splunk
- Spot
- Square
- Stripe
- Tableau
- Tableau Desktop
- TeamCity
- Temenos Transact
- Temporal
- Teradata
- Tradeweb
- Trellix Web Gateway
- Triton
- Twitch
- Tyk
- Unity
- Unix
- VMware
- Vantage
- Veritas Cluster
- Veritas InfoScale
- Veritas NetBackup
- Veritas Volume Manager
- Vessel
- Visio
- Visualforce
- WebLogic
- WebSphere
- Workday
- Workday Extend
- Workday Payroll
- Workday Security
- Workday Studio
- Youtube
- Zendesk
- Zoom
- ZoomInfo
- n8n
- nOps
Tools — Total: 225
- Angular
- Ansible
- Apache
- Apache AGE
- Apache APR
- Apache ActiveMQ
- Apache Airflow
- Apache Ant
- Apache Aries
- Apache Arrow
- Apache Atlas
- Apache Avro
- Apache Axis
- Apache Beam
- Apache BookKeeper
- Apache Brooklyn
- Apache Camel
- Apache Cassandra
- Apache Causeway
- Apache Commons
- Apache Cordova
- Apache CouchDB
- Apache DB
- Apache Directory
- Apache DolphinScheduler
- Apache Drill
- Apache Flex
- Apache Flink
- Apache FreeMarker
- Apache Gora
- Apache Groovy
- Apache HBase
- Apache Hadoop
- Apache Helix
- Apache Hive
- Apache Hop
- Apache Iceberg
- Apache Ignite
- Apache Ivy
- Apache JMeter
- Apache Jackrabbit
- Apache James
- Apache Juneau
- Apache Kafka
- Apache Knox
- Apache Kylin
- Apache MINA
- Apache Maven
- Apache NiFi
- Apache ORC
- Apache Olingo
- Apache OpenJPA
- Apache OpenOffice
- Apache OpenWebBeans
- Apache POI
- Apache Parquet
- Apache Phoenix
- Apache Pig
- Apache Pivot
- Apache Portals
- Apache Ranger
- Apache Ratis
- Apache Roller
- Apache Rya
- Apache SINGA
- Apache ShenYu
- Apache SkyWalking
- Apache Solr
- Apache SpamAssassin
- Apache Spark
- Apache Spatial
- Apache Steve
- Apache Storm
- Apache Streams
- Apache Submarine
- Apache Subversion
- Apache Superset
- Apache Synapse
- Apache TVM
- Apache Tapestry
- Apache Tcl
- Apache Tez
- Apache Tomcat
- Apache Traffic Control
- Apache Traffic Server
- Apache VCL
- Apache Velocity
- Apache Web Services
- Apache XML Graphics
- Apache ZooKeeper
- Appium
- Argo
- BFE
- Blender
- Buildpacks
- C#
- C++
- Capsule
- Celery
- Chef
- Cilium
- ClickHouse
- Cloud Custodian
- Consul
- Containerd
- Cortex
- Crossplane
- Cucumber
- Debian
- Dex
- Django
- Docker
- Eclipse
- Elastic Stack
- Elasticsearch
- Elk
- Elk Stack
- Ethereum
- FastAPI
- Fluid
- Flux
- Git
- Grafana
- HAMI
- Harbor
- Hashicorp Vault
- Helm
- Hexa
- Hibernate
- Hugging Face Transformers
- Istio
- JUnit
- Jenkins
- Jest
- K3s
- KCL
- KServe
- Kafka Connect
- Keycloak
- Kibana
- Kotlin
- Kubeflow
- Kubeflow Pipelines
- Kubernetes
- Kubernetes Operators
- Kuma
- Kyverno
- Lean
- Lightning Web Components
- Lima
- Linkerd
- Linux
- Llama
- Logstash
- Matplotlib
- Mockito
- MongoDB
- MySQL
- NUnit
- Nexus
- Nginx
- Node.js
- NumPy
- ORAS
- Open Policy Agent
- OpenStack
- OpenTelemetry
- PHP
- Pandas
- Perl
- Pixie
- Playwright
- Porter
- PostgreSQL
- PowerShell
- Prometheus
- Pulumi
- Puppet
- PySpark
- PyTorch
- Python
- R
- RabbitMQ
- Radius
- Ratify
- React
- React Native
- Redis
- Rook
- SPIRE
- SVN
- Scala
- Score
- Selenium
- Semantic Kernel
- Sonar
- SonarQube
- SpecFlow
- Spring
- Spring Boot
- Spring Boot Admin Console
- Spring Cloud
- Spring Cloud Stream
- Spring Data
- Spring Framework
- Spring Security
- Swift
- TensorFlow
- Terraform
- Ubuntu
- Vault
- Vineyard
- Vite
- Vitess
- Vue.js
- Wireshark
- WordPress
- Zabbix
- Zot
- cURL
- eBPF
- gRPC
- jQuery
- kpt
- werf
Standards — Total: 221
- AIS
- AMQP
- AUTHORS.md
- Acceptance Criteria
- Accessibility Standards
- Accounting Standards
- Actor Model
- Agile
- Agile Methodology
- Agile SDLC
- Architecture Pattern
- BDD
- BLE
- Banking Regulation
- Big O Notation
- Binary Format
- CCPA
- CHANGELOG.md
- CITATION.cff
- CNCF
- CODE_OF_CONDUCT.md
- CONTRIBUTING.md
- CONTRIBUTORS.md
- CQRS
- CSS
- Certificate Enrolment Protocols
- Circuit Breaker
- Communication Protocols
- Configuration Language
- Consensus
- Convention Over Configuration
- Cybersecurity Standards
- DHCP
- DNS
- DSL
- Data Flow Diagrams
- Data Format
- Data Modeling
- Data Models
- Data Quality Standards
- Data Warehouse Schemas
- Database Schema Design
- Defense In Depth
- Dependency Injection
- Design Patterns
- Design Standards
- DevOps
- DevSecOps
- Development Methodology
- Dimensional Modeling
- Dockerfile
- Domain-Driven Design
- Enterprise Integration Patterns
- Entity Relationship
- Equator Principles
- Event Sourcing
- Event-driven Architecture
- Extreme Programming
- FTP
- File Format
- FinOps
- Financial Regulation
- Flowcharts
- Functional Programming
- GDPR
- GitOps
- Good Manufacturing Practices
- Graph Query Language (GQL)
- GraphQL
- HIPAA
- HTML
- HTML5
- HTTP
- HTTP/2
- IAM
- ISO
- ITIL
- ITSM
- Integration Patterns
- Interface Specifications
- Internal Control Standards
- Inversion Of Control
- JCR
- JDBC
- JMS
- JPA
- JSF
- JSON
- Jakarta EE
- Java EE
- Kanban
- LDAP
- LICENSE.md
- Lakehouse Architecture
- Lean Management
- Lean Manufacturing
- Lean Six Sigma
- MLOps
- MVC
- Mandatory Reserves Requirement
- MapReduce
- Methodology
- Mockups
- NFC
- NIO
- NIST
- Network Protocols
- Normalization
- OAuth
- OCI
- OData
- OIDC
- OSHA
- OWASP
- Object-Oriented Programming
- OpenAPI
- OpenID Connect
- PCI Compliance
- POSIX
- Parquet
- Partitioning
- Privacy By Design
- Process Flow Diagrams
- Product Backlog
- Product Backlog Items
- Product Specifications
- Programming Paradigm
- Project Management Methodology
- Protocol Buffers
- Prototypes
- Pub/Sub
- QoS
- Quality Of Service
- Quality Standards
- RACI
- RBAC
- RDF
- RDP
- README.md
- REST
- REST API
- RESTful
- RESTful APIs
- RPC
- RTSP
- Raft
- Reactive Programming
- Regular Expressions
- Regulation
- Regulatory
- Relational Data Modeling
- Runbooks
- SAFe Agile
- SAML
- SDLC
- SECURITY.md
- SFTP
- SMTP
- SOA
- SOAP
- SPA
- SQL
- SSH
- SSL/TLS
- SSO
- SUPPORT.md
- Scaled Agile
- Schema Design
- Schema Validation
- Scrum
- SecOps
- Secure Tunneling Protocols
- Secure-by-Design
- Security By Design
- Security Protocols
- Security Standards
- Security Standards And Procedures
- Service Oriented Architecture
- Services Patterns
- Sharding
- Six Sigma
- Sketches
- Software Design Architectural Patterns
- Software Design Patterns
- Software Development Life Cycle
- Software Development Lifecycle
- Software-Defined Networking
- Specification
- Standard Operating Procedures
- Standardization
- Standards
- Swagger
- TCP/IP
- Table Format
- Technical Specifications
- Technology Standards
- Templates
- Test Cases
- Test First
- Test Plans
- Test Scripts
- Test Specifications
- Test Suites
- Test-driven Development
- UML
- Use Cases
- User Stories
- VPN
- WCAG
- Waterfall
- WebSockets
- Wireframes
- Write Ahead Log
- XML
- XSLT
- Zero Trust
- Zero Trust Architecture
- Zero Trust Network Access
- Zero-Trust Security Model
- dependabot.yml
Why do we do this?
- Understand the state of the market by industry.
- Meet new and diverse design partners across verticals.
- Help us prioritize industry-specific business capabilities.
Who is this for?
- AI, API, integration and platform leadership within the industry.
- The C-Suite looking to benchmark their enterprise against peers.
- Analysts and media outlets reporting on industry-level technology trends.
Why become a design partner?
- Collaboration to define industry-wide capabilities and benchmarks.
- Obtain more control over the integrations your industry depends on.
- Help shape the Naftiko roadmap to meet your vertical’s needs.
About This Research
- Signals aggregate how we rate investments across all companies in the industry.
- Areas reveal the technology areas being invested in across the vertical.
- Services show which SaaS platforms appear across industry companies.
- Tools highlight the open-source investments being made industry-wide.
- Standards speak to how aligned integrations are with market standards.
About This Guidance
- Impact Report provides a narrative analysis of the industry’s collective AI investment posture.
- Impact Pages outlines the layered data behind the industry’s AI response, with company rankings per signal area.
- Companies lists all organizations tracked in this industry vertical.
- Radar maps the maturity of technology investments across the industry.
- Capabilities are Naftiko definitions for how industry-common services and tools can deliver AI-driven business value.
- Navigation highlights strategic opportunities for this industry vertical.
What This Means For You
See where you stand, decide what to build, control what you build — grounded in public-data signals, not boilerplate best practice.
Where you stand
See your signals
The leads, the gaps, and where AI has shifted the gradient — in numbers from public data, not vendor decks.
See full report →What to build
Translate to capabilities
Capabilities being built across the peer set — tied to the markets you actually serve.
View capabilities →Where to go next
Navigate the next move
A prioritized roadmap grounded in signal data. Not a generic best-practices deck, not a vendor-shaped pitch.
Get your navigation →Control what you build
Integrate with AI
Run it on infrastructure you control. Open source — fork it, audit it, run it on your stack. No vendor lock-in.
First capability live in 90 days.
Become a design partner →