jadx-ai-mcp

Exposes JADX's internal call graph and xref (cross-reference) APIs through MCP tool calls, enabling LLMs to follow method invocations and field accesses across the entire decompiled codebase. The JADX-MCP-Server translates incoming MCP requests into HTTP calls to the plugin's /xref endpoint, which queries JADX's JavaClass entity relationships and returns structured call chains. This allows AI models to understand data flow and dependency graphs without manual navigation.

Exposes AndroidManifest.xml, strings.xml, layout files, and other Android resources through MCP tools that parse and return structured data about app permissions, entry points, and UI definitions. The JADX plugin extracts these resources from the APK's resource directory and serves them as JSON via HTTP endpoints, which the MCP server translates into tool responses. This enables LLMs to understand app capabilities, permissions, and potential attack surfaces without manual XML parsing.

Retrieves the complete source code of a specific method from the decompiled APK, including line numbers, parameter definitions, and return type information. The JADX plugin queries its JavaClass model to extract the method's source code and maps it back to the original line numbers in the decompiled file. This enables LLMs to analyze method implementations in detail and correlate them with other analysis results (e.g., xrefs, stack traces).

Extracts APK-level metadata including version information, build configuration, certificate details, and other manifest-level data. The JADX plugin accesses the APK's metadata through its resource extraction APIs and returns structured information about the app's build, signing, and configuration. This enables LLMs to understand the app's provenance, versioning, and build-time configuration without manual APK inspection.

Provides direct access to Smali (Android bytecode) representations of methods when Java decompilation is incomplete, obfuscated, or fails. The JADX plugin exposes a /smali endpoint that returns the low-level bytecode instructions for a given method, allowing LLMs to analyze register operations, control flow, and API calls at the bytecode level. This is critical for analyzing heavily obfuscated or packed APKs where Java decompilation produces unreadable output.

Orchestrates a workflow where the MCP server provides the LLM with code snippets, resource data, and xref information, enabling the AI to perform Static Application Security Testing (SAST) by identifying insecure API usage, hardcoded secrets, and vulnerable patterns. The system does not perform hardcoded pattern matching; instead, it gives the LLM full context (source code, permissions, entry points) and relies on the model's reasoning to identify vulnerabilities. This leverages the LLM's semantic understanding of security rather than regex-based rules.

Enables the LLM to suggest and execute renames for obfuscated classes, methods, and variables based on semantic analysis of their usage patterns and functionality. The MCP server provides a rename tool that the LLM can invoke with a class/method name and a suggested meaningful name; the JADX plugin applies the rename through its refactoring API and persists it to the project. This transforms obfuscated identifiers (e.g., class 'a', method 'b') into human-readable names (e.g., 'NetworkManager', 'sendAuthToken') based on AI reasoning about their purpose.

The JADX-MCP-Server (Python, built on FastMCP) acts as a protocol adapter that translates incoming MCP tool calls (JSON-RPC format) from LLM clients into HTTP requests to the JADX plugin's internal HTTP server (port 8650). Each tool call is stateless: the server extracts parameters, constructs an HTTP request, waits for the response, and returns the result to the LLM. This decouples the LLM client from the JADX plugin, allowing multiple clients to connect to the same plugin instance and enabling integration with any MCP-compatible LLM client.

Provides MCP tools for searching the decompiled APK by class name, method name, or code content using keyword matching. The JADX plugin exposes /search endpoints that query its internal class index and source code, returning matching classes, methods, and code snippets. The search supports filtering by package, access modifiers, and other metadata. This enables LLMs to locate relevant code without manual navigation through the class hierarchy.

During active JADX debugging sessions, the MCP server can access runtime context including variable values, stack traces, and breakpoint information through JADX's debugging APIs. The system exposes tools that allow LLMs to inspect the current execution state, analyze stack frames, and correlate runtime behavior with static code analysis. This bridges the gap between static analysis and runtime behavior, enabling the AI to understand how code executes in practice.

Extracts complete class definitions including fields, methods, constructors, annotations, and inheritance relationships from decompiled Java code. The JADX plugin uses its JavaClass entity model to serialize class metadata as structured JSON, including method signatures, return types, parameter types, access modifiers, and annotations. This enables LLMs to understand class architecture without reading raw source code and to reason about type safety and API contracts.

The system is architected as two independent components: the JADX-AI-MCP Plugin (Java, runs within JADX GUI) and the JADX-MCP-Server (Python, standalone process). The plugin exposes an HTTP API on port 8650; the server translates MCP calls to HTTP requests. This separation enables multiple MCP clients to connect to a single JADX instance, allows the server to run on a different machine, and decouples plugin updates from server updates. The architecture supports horizontal scaling by running multiple servers against the same plugin.