ABAP_CHECK_MCP
by leocaogit
Overview
Provides ABAP REPORT program syntax checking capabilities for IDEs by connecting to SAP ERP systems via RFC.
Installation
python -m src.main --config config.jsonEnvironment Variables
- SAP_HOST
- SAP_SYSNR
- SAP_CLIENT
- SAP_USER
- SAP_PASSWORD
Security Notes
The Python server itself has good security practices (e.g., sensitive data filtering in logs) and no direct 'eval' or malicious patterns. The primary security risk lies with the required SAP backend setup. The deployed ABAP function module `Z_CHECK_ABAP_SYNTAX` dynamically creates and deletes temporary ABAP programs (`INSERT REPORT`, `SYNTAX-CHECK FOR`, `DELETE REPORT`) on the SAP system based on user-provided ABAP code. This requires granting the RFC user highly privileged SAP authorizations (`S_PROGRAM` for create/delete programs). While these temporary programs are intended for syntax checking and are deleted, allowing arbitrary code to be inserted and processed, even temporarily, presents a significant attack surface if the input ABAP code is not from a trusted source or if the SAP system's handling of `INSERT REPORT` or `SYNTAX-CHECK` could be exploited. The Python server does not perform content-based sanitization of the ABAP code before sending it to SAP.
Similar Servers
cclsp
Integrate LLM-based coding agents with Language Server Protocol (LSP) servers to enable robust code navigation, symbol resolution, and refactoring across various programming languages.
mcp-server
A Model Context Protocol (MCP) server designed to assist AI models in the development of SAP Cloud Application Programming Model (CAP) applications by providing tools for model analysis and documentation search.
treesitter-mcp
Provides a Model Context Protocol (MCP) server and CLI for static code analysis using Tree-sitter.
mcp-abap-adt
MCP server for integrating with SAP ABAP Development Tools (ADT) to perform read, write, and system operations on ABAP objects.