naftiko: 1.0.0-alpha2 info: label: AppOmni SaaS Security API — Security Events description: 'AppOmni SaaS Security API — Security Events. 2 operations. Lead operation: AppOmni - List Security Events. Self-contained Naftiko capability covering one Appomni business surface.' tags: - Appomni - Security Events created: '2026-05-19' modified: '2026-05-19' binds: - namespace: env keys: APPOMNI_API_KEY: APPOMNI_API_KEY capability: consumes: - type: http namespace: appomni-security-events baseUri: https://api.appomni.com/v1 description: AppOmni SaaS Security API — Security Events business capability. Self-contained, no shared references. resources: - name: events path: /events operations: - name: listsecurityevents method: GET description: AppOmni - List Security Events outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: severity in: query type: string description: Filter by event severity (critical, high, medium, low, info) - name: application in: query type: string description: Filter by SaaS application name - name: status in: query type: string description: Filter by event status (open, investigating, resolved, dismissed) - name: from in: query type: string description: Start date for filtering events (ISO 8601) - name: to in: query type: string description: End date for filtering events (ISO 8601) - name: events-eventId path: /events/{eventId} operations: - name: getsecurityevent method: GET description: AppOmni - Get Security Event outputRawFormat: json outputParameters: - name: result type: object value: $. inputParameters: - name: eventId in: path type: string description: Unique security event identifier required: true authentication: type: bearer token: '{{env.APPOMNI_API_KEY}}' exposes: - type: rest namespace: appomni-security-events-rest port: 8080 description: REST adapter for AppOmni SaaS Security API — Security Events. One Spectral-compliant resource per consumed operation, prefixed with /v1. resources: - path: /v1/events name: events description: REST surface for events. operations: - method: GET name: listsecurityevents description: AppOmni - List Security Events call: appomni-security-events.listsecurityevents with: severity: rest.severity application: rest.application status: rest.status from: rest.from to: rest.to outputParameters: - type: object mapping: $. - path: /v1/events/{eventid} name: events-eventid description: REST surface for events-eventId. operations: - method: GET name: getsecurityevent description: AppOmni - Get Security Event call: appomni-security-events.getsecurityevent with: eventId: rest.eventId outputParameters: - type: object mapping: $. - type: mcp namespace: appomni-security-events-mcp port: 9090 transport: http description: MCP adapter for AppOmni SaaS Security API — Security Events. One tool per consumed operation, routed inline through this capability's consumes block. tools: - name: appomni-list-security-events description: AppOmni - List Security Events hints: readOnly: true destructive: false idempotent: true call: appomni-security-events.listsecurityevents with: severity: tools.severity application: tools.application status: tools.status from: tools.from to: tools.to outputParameters: - type: object mapping: $. - name: appomni-get-security-event description: AppOmni - Get Security Event hints: readOnly: true destructive: false idempotent: true call: appomni-security-events.getsecurityevent with: eventId: tools.eventId outputParameters: - type: object mapping: $.