FinOps Agent — Internal Developer Portal

Financial platform engineering agent for finops-core. Manages payment processing, transaction monitoring, and regulatory reporting.

Quick Start

Connect your IDE or agent client:

# Add to your MCP config (Cursor, Claude Desktop, VS Code)
{
  "mcpServers": {
    "finops-core": {
      "url": "https://finops-agent.dev/mcp",
      "transport": "streamable-http",
      "env": { "API_KEY": "$FINOPS_CORE_API_KEY" }
    }
  }
}

# Or use A2A protocol
curl https://finops-agent.dev/.well-known/agent.json

Team & Infrastructure

Team size	50 engineers
Tech stack	python, golang, postgres, kafka
Internal tools	Enabled — Jenkins, Grafana, PagerDuty
Finance access	Enabled — Stripe Dashboard, NetSuite
Prod access	Enabled — direct SSH and kubectl
Environments	dev, staging, production
CI/CD	GitHub Actions → ArgoCD → Kubernetes
Secrets manager	AWS Secrets Manager (finops-core-prod/*)

Available Agent Skills

Skill	Description	Tags
`deploy`	Deploy payment services with blue-green strategy	deploymentpayments
`reconcile`	Run end-of-day transaction reconciliation	reconciliationfinance
`monitor`	Monitor transaction anomalies and fraud signals	fraud-detectionmonitoring
`report`	Generate PCI-DSS and regulatory compliance reports	compliancepci-dss
`keys`	Rotate API keys and payment processor credentials	secretskey-rotation

API Endpoints

Method	Path	Description
GET	`/.well-known/agent.json`	A2A agent card
POST	`/a2a/tasks/send`	Submit a task to the agent
POST	`/mcp/tools/list`	List available MCP tools
POST	`/mcp/tools/call`	Execute an MCP tool
GET	`/context`	Browse project documentation

Security & Compliance

All agents interacting with finops-core infrastructure must pass security assessment before production access is granted.

Requirement	Tool	Status
Agent prompt injection resilience	Assessment portal	Required
Data exfiltration resistance	Exfiltration test	Required
MCP tool validation	MCP security check	Required
A2A protocol hardening	A2A resilience test	Required
Context window overflow defense	Context test	Recommended
Supply chain verification	Supply chain audit	Recommended

Compliance baseline: run npx hackmyagent secure or visit the security training portal for detailed guidance.

Security References

MCP Security Checklist — deployment hardening guide
Agent Hardening Guide — production security baseline
A2A Security Examples — secure protocol implementation
Credential Safety Guide — API key and .env protection

Internal Resources

Agent Card — machine-readable capabilities
Project Documentation — architecture, runbooks, onboarding
Grafana Dashboard: https://grafana.internal.finops-agent.dev/d/finops-core
Jenkins: https://ci.internal.finops-agent.dev/job/finops-core
Slack: #finops-core-engineering
Agent Security Profile — vulnerability scan results
Sector Threat Intelligence — fintech attack patterns