{"id":"dassianinc-dassian-adt","name":"dassian-adt","homepage":null,"repo_url":"https://github.com/DassianInc/dassian-adt","category":"ai-ml","subcategories":[],"tags":["mcp","sap","abap","adt","ai-development-tools","development-lifecycle","transports","automation"],"what_it_does":"MCP server that connects AI assistants to an SAP system via the ADT API for ABAP development tasks (read/write/activate objects, manage transports, run syntax/ATC checks, query tables, execute ABAP “run”, and handle sessions/health). Provides both stdio (local) and HTTP (team) MCP transports.","use_cases":["AI-assisted ABAP coding and refactoring (source read/write, activation)","Automated transport workflows (create/assign/release/list/inspect contents)","Code quality automation (syntax checks, ATC runs)","Data lookup for ABAP development (table/CDS reads and freestyle queries)","Executing short ABAP runs via temporary class and capturing output","Troubleshooting SAP issues (health checks, dump retrieval)"],"not_for":["Production deployment of an SAP development backend without proper network hardening and operational controls","Unattended automated release/transport operations without human approval gates","Use without SAP ADT enablement/appropriate ABAP development authorizations"],"best_when":"Teams want an MCP-compatible, tool-based interface to SAP ABAP development with iterative error correction and session recovery.","avoid_when":"You cannot safely store/use SAP credentials for a long-running server, or you need strict audit separation per user without compensating controls.","alternatives":["mcp-abap-abap-adt-api","abap-adt-api (library) integrated into your own MCP/agent host","Direct ADT API usage from your own service","Other SAP integration layers that expose ABAP tooling via your own APIs/MCP"],"af_score":68.2,"security_score":54.0,"reliability_score":42.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:41:49.761133+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://your-server:3000/mcp (when MCP_TRANSPORT=http)","has_sdk":false,"sdk_languages":["TypeScript"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Environment-variable credentials for SAP_USER/SAP_PASSWORD","Session-based ADT login handled by server"],"oauth":false,"scopes":false,"notes":"Auth to SAP is performed using SAP_USER/SAP_PASSWORD provided via .env or MCP server env. No OAuth/SaaS scopes are described; authorization granularity depends on the SAP user used."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information in provided content (open source MIT repo)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":68.2,"security_score":54.0,"reliability_score":42.5,"mcp_server_quality":88.0,"documentation_accuracy":78.0,"error_message_quality":80.0,"error_message_notes":"README claims centralized input validation (missing fields called out exactly), SAP error classification with actionable hints, elicitation prompts for missing/irreversible steps, and session recovery with automatic re-login and retry. Specific error code schemas and formats are not shown in the README.","auth_complexity":55.0,"rate_limit_clarity":20.0,"tls_enforcement":65.0,"auth_strength":55.0,"scope_granularity":35.0,"dependency_hygiene":55.0,"secret_handling":60.0,"security_notes":"TLS is implied via SAP_URL=https://...:44300, but README also documents NODE_TLS_REJECT_UNAUTHORIZED=0 for self-signed certs (weakens security if used). Authentication is username/password supplied via environment variables; no OAuth and no explicit scope granularity beyond what the SAP user can do. README mentions centralized validation and 'no stack traces', which can reduce accidental leakage, but does not explicitly state logging/PII handling for credentials or full request/response payloads. Dependency hygiene and vulnerability posture cannot be confirmed from provided manifest/README alone.","uptime_documented":20.0,"version_stability":40.0,"breaking_changes_history":30.0,"error_recovery":80.0,"idempotency_support":"false","idempotency_notes":"Many tools are inherently non-idempotent (create/delete/activate/release transports). The README mentions session recovery and prompting for confirmations, but does not document idempotency semantics or request identifiers.","pagination_style":"none","retry_guidance_documented":true,"known_agent_gotchas":["Running/releasing operations can be irreversible; ensure the agent/host requires confirmation steps for transport release.","Using NODE_TLS_REJECT_UNAUTHORIZED=0 disables TLS verification (for self-signed certs) and may create security risk.","Execution via abap_run may leave artifacts if cleanup fails; README mentions prompting when leftover temp classes exist.","HTTP transport mode is multi-client and implies concurrent SAP sessions; ensure isolation/auditing on the MCP server side."]}}