AL-Dependency-MCP-Server
Verified Safeby StefanMaron
Overview
Provides AI assistants with semantic understanding of AL (Application Language) codebases and Business Central object relationships by parsing compiled AL symbol files.
Installation
npx al-mcp-serverEnvironment Variables
- AL_CLI_PATH
Security Notes
The server uses `child_process.spawn` to interact with external `AL` and `dotnet` CLI tools, which introduces a dependency on their security. File system operations for package discovery and symbol extraction include safeguards such as limiting recursion depth, blacklisting common system directories (e.g., node_modules, .git), and enforcing absolute paths for `rootPath` to mitigate arbitrary path traversal. Package content (i.e., `.app` files) is processed by extracting `SymbolReference.json` via ZIP or AL CLI; while the server's code itself appears free of obvious malicious patterns like `eval`, a vulnerability could exist if a crafted `.app` file exploits the underlying AL compiler or ZIP extraction process. Users should ensure they are processing trusted AL packages.
Similar Servers
chunkhound
ChunkHound transforms codebases into searchable knowledge bases for AI assistants, enabling deep semantic and regex-based code research.
In-Memoria
Provides persistent intelligence infrastructure (semantic concepts, patterns, architecture) for AI agents to understand and interact with codebases.
powerbi-mcp
Enables AI assistants to interact with Power BI Desktop and Service for querying data, managing models, and performing safe bulk operations through natural language, ensuring enterprise-grade security and preserving report visual integrity during refactoring.
bc-code-intelligence-mcp
Provides specialized Business Central (BC) development knowledge, code analysis, structured workflows, and AI specialist personas to empower LLM-based coding agents and developers.