AL-Dependency-MCP-Server
Verified Safeby StefanMaron
Overview
Provides AI assistants with semantic understanding of AL (Application Language) codebases and Business Central object relationships by parsing compiled AL symbol files.
Installation
npx al-mcp-serverEnvironment Variables
- AL_CLI_PATH
Security Notes
The server uses `child_process.spawn` to interact with external `AL` and `dotnet` CLI tools, which introduces a dependency on their security. File system operations for package discovery and symbol extraction include safeguards such as limiting recursion depth, blacklisting common system directories (e.g., node_modules, .git), and enforcing absolute paths for `rootPath` to mitigate arbitrary path traversal. Package content (i.e., `.app` files) is processed by extracting `SymbolReference.json` via ZIP or AL CLI; while the server's code itself appears free of obvious malicious patterns like `eval`, a vulnerability could exist if a crafted `.app` file exploits the underlying AL compiler or ZIP extraction process. Users should ensure they are processing trusted AL packages.
Similar Servers
chunkhound
Provides local-first codebase intelligence, extracting architecture, patterns, and institutional knowledge for AI assistants.
In-Memoria
Provides persistent intelligence infrastructure for AI agents, enabling them to understand codebases, detect patterns, predict coding approaches, and generate context-aware insights.
powerbi-mcp
Enables AI assistants to interact with Power BI Desktop and Service for querying data, managing models, and performing safe bulk operations through natural language, ensuring enterprise-grade security and preserving report visual integrity during refactoring.
bc-code-intelligence-mcp
Provides Business Central development knowledge and tooling, including specialist AI personas, code analysis, and structured workflows, to AI agents.