Enterprise services — DevOps, incidents, comms, search, security — seamlessly exposed as AI agent tools through 16+ MCP servers.
Azure DevOps, IcM, Kusto, Teams, SharePoint, M365 — each behind its own API, auth flow, and mental model. No unified interface.
Investigating an incident means jumping between IcM for the ticket, Kusto for logs, ADO for the build, and Teams for coordination. Every hop loses context.
AI agents have no native access to internal Microsoft services. Manual copy-paste bridges the gap — slowly and unreliably.
An engineer investigating a production incident touches 5+ tools in separate browser tabs. An AI agent watching the same conversation can’t touch any of them.
Wrap Microsoft’s Agency CLI — 16+ MCP servers — as Amplifier tools. Authenticate once via Entra ID, then let AI agents drive enterprise services through natural language.
Amplifier mounts the agency bundle — behaviors, agents, and tool-mcp bridge all register automatically.
Six behavior profiles (DevOps, Comms, On-Call, Search, Security, Productivity) scope which MCP servers are active per session context.
Specialist agents (devops-agent, oncall-agent) invoke the right tools automatically. The user just describes what they need.
Agency CLI authenticates via Entra ID, calls the Microsoft service, and returns structured results — or produces side effects (PRs, tickets, messages).
Natural language prompt enters the Amplifier session
Manifest, 6 behaviors, 2 specialist agents, awareness context
stdio MCP dispatcher spawning Agency CLI servers on demand
ADO, Teams, IcM, Kusto, SharePoint, and more via Entra ID
6 scoped profiles — each activates only the MCP servers relevant to the task domain
devops-agent (~75 tools) and oncall-agent (~151 tools) — autonomous specialists
Entra ID handles all authentication automatically — no tokens to manage, no secrets to configure
Azure DevOps + Bluebird code search. Work items, PRs, pipelines, repos, wikis — ~75 tools via ADO MCP servers.
IcM incidents, Kusto telemetry, CloudBuild analysis. AI summaries, similar incidents, mitigation hints — ~151 tools.
Microsoft Teams, Outlook Mail, Calendar. Send messages, schedule meetings, search conversations — all from the agent session.
eng.ms, Microsoft Learn, ES Chat, WorkIQ. Internal knowledge search unified behind a single behavior.
Azure Security Context + S360 Breeze. Security posture, compliance status, vulnerability context at agent fingertips.
Planner, SharePoint, Word, M365 search. Task management, document access, and enterprise search in one place.
The devops-agent exposes ~75 tools across ADO and Bluebird. The oncall-agent exposes ~151 tools across IcM, Kusto, and CloudBuild. All authentication handled automatically via Entra ID.
An AI agent driving real enterprise workflows through conversation:
oncall-agent queries IcM — returns active incidents with AI summaries and severity levels
oncall-agent runs KQL queries against Azure Data Explorer — returns structured telemetry data
devops-agent creates an ADO work item with repro steps from the incident — linked and tagged
comms behavior sends a Teams message with incident details, Kusto findings, and work item link
A stdio MCP dispatcher that spawns Agency CLI processes on demand. Each MCP server maps to a set of tools exposed as mcp_<server>_<tool> in the Amplifier session. No persistent daemon — servers start when needed.
Each behavior YAML declares which MCP servers it needs. Loading the agency-devops behavior activates only ADO and Bluebird servers. Loading agency-oncall activates IcM, Kusto, and CloudBuild. Composable and independent.
Depends on amplifier-foundation — inherits standard session context, tool protocols, and agent delegation patterns.
Session-level Agency awareness document guides agents on which tools to use and how to interpret enterprise-specific responses.
Entra ID authentication is automatic. No API keys, no OAuth dance, no secrets files. If you’re signed into your Microsoft account, the tools just work.
amplifier-bundle-agency proves that the entire Microsoft enterprise stack can be wrapped as composable AI agent tools — turning Amplifier into a unified control plane for enterprise operations.
Cross-service workflows that would normally require an engineer to context-switch across 5+ tools now happen in a single conversation. The agent moves between services; the human stays focused.
Agency’s MCP servers provide the protocol. Amplifier’s bundle system provides the scoping, composition, and agent delegation. Together: enterprise services as natural language APIs.
Any service that exposes an MCP server can be composed into an Amplifier session. Agency proves the pattern at enterprise scale — 16+ servers, 226 tools, zero-config auth.
Repository: samueljklee/amplifier-bundle-agency
Primary contributor: samueljklee
Last updated: April 3, 2026
Dependencies: amplifier-foundation
Data sources:
agency.yaml, agency-devops.yaml, agency-comms.yaml, agency-oncall.yaml, agency-search.yaml, agency-security.yaml, agency-productivity.yamldevops-agent.yaml (~75 tools across ADO + Bluebird), oncall-agent.yaml (~151 tools across IcM + Kusto + CloudBuild)overview.dot — generated from repository source analysisTool counts: ~75 (devops-agent) and ~151 (oncall-agent) are sourced directly from agent definition YAML files in team knowledge. “16+ MCP servers” is from the architecture overview DOT annotation. Total of 226 is the sum of documented agent tool counts.
Methodology: All facts derived from team knowledge records scanned from the live repository on April 3, 2026. No external data or assumptions. Service names (Teams, ADO, IcM, Kusto, CloudBuild, SharePoint, Planner, eng.ms, Microsoft Learn, ES Chat, WorkIQ, S360 Breeze, Azure Security Context) are sourced from behavior profile descriptions.