Nwm Snowflake Policy Tagged Data Mcp

naftiko: 1.0.0-alpha2
info:
  title: Nwm Snowflake Policy Tagged Data Mcp
  description: A Northwestern Mutual capability over Snowflake with object/column policy tags enforced — agents only see data their policy allows.
  tags: [Naftiko, NWM, Snowflake, Policy]
  created: '2026-05-01'
  modified: '2026-05-04'
binds:
- namespace: snowflake-env
  keys: {SNOWFLAKE_ACCOUNT: SNOWFLAKE_ACCOUNT, SNOWFLAKE_TOKEN: SNOWFLAKE_TOKEN}
capability:
  consumes:
  - namespace: snowflake
    type: http
    baseUri: https://{{SNOWFLAKE_ACCOUNT}}.snowflakecomputing.com
    authentication: {type: bearer, token: '{{SNOWFLAKE_TOKEN}}'}
    resources:
    - {name: statements, path: /api/v2/statements, operations: [{name: run-policy-tagged-sql, method: POST}]}
  exposes:
  - type: rest
    address: 0.0.0.0
    port: 8080
    namespace: nwm-snowflake-policy-tagged-data-mcp-rest
    description: REST surface for policy-tagged Snowflake reads.
    resources:
    - {name: query, path: /query, operations: [{method: POST, name: run-policy-tagged-sql, call: snowflake.run-policy-tagged-sql}]}
  - type: mcp
    address: 0.0.0.0
    port: 3010
    namespace: nwm-snowflake-policy-tagged-data-mcp-mcp
    description: MCP for policy-tagged Snowflake.
    tools:
    - {name: run-policy-tagged-sql, call: snowflake.run-policy-tagged-sql}
  - type: skill
    address: 0.0.0.0
    port: 3011
    namespace: nwm-snowflake-policy-tagged-data-mcp-skills
    description: Skill for policy-tagged Snowflake.
    skills:
    - name: nwm-snowflake-policy-tagged-data-mcp
      description: Policy-tagged Snowflake data.
      location: file:///opt/naftiko/skills/nwm-snowflake-policy-tagged-data-mcp
      allowed-tools: run-policy-tagged-sql
      tools:
      - {name: run-policy-tagged-sql, from: {sourceNamespace: nwm-snowflake-policy-tagged-data-mcp-mcp, action: run-policy-tagged-sql}}