Bridging decompilation and local LLMs, this project lets models interact live with a running JADX GUI via the Model Context Protocol. That direct connection turns decompiled code, manifests, resources and debugger state into queryable context for an LLM, enabling rapid, model-assisted code review, vulnerability spotting, and navigation during manual analysis.
What Sets It Apart
- Live MCP bridge to JADX GUI: instead of static file exports, the server makes the running decompiler state available over MCP so an LLM can fetch the selected class, method source, smali, or manifest on demand — which reduces context-window waste and keeps model prompts tightly scoped.
- Local-first LLM support: designed to work with local desktop LLM clients (tested with Claude Desktop), so sensitive APK analysis can remain offline while still benefiting from model assistance.
- Focused reverse-engineering tools: built-in MCP tools cover common analyst tasks (fetch class/method/source, search across classes, xrefs, resources, and basic debugger frames), letting LLMs perform targeted queries rather than broad source dumps.
Who It's For and Tradeoffs
Great fit if you: perform offline Android reverse engineering, want interactive model assistance tied to a running JADX instance, or need quick model-driven code inspection without pushing code to cloud LLMs. Look elsewhere if you require production-grade remote access, authenticated/TLS-protected APIs, multi-user role management, or a full CI/CD integration — the server is Python-based, early-stage, and intentionally simple.
Practical caveats: remote binding (0.0.0.0) exposes an unauthenticated HTTP interface—use SSH tunnels or firewall rules for safety. The project ties to the JADX ecosystem (Java plugin + Python MCP server) and may be less useful for non-JADX toolchains. Expect early-stage instability and manual setup for plugin + server coordination.
