ARC-1 (pronounced arc one [ɑːrk wʌn]) — Enterprise-ready MCP server for SAP ABAP systems. Secure by default, deployable to BTP or on-premise, and hardened with large unit/integration/E2E test coverage.
ARC-1 connects AI assistants (Claude, GitHub Copilot, Copilot Studio, and any MCP client) to SAP systems via the ADT REST API. It ships as an npm package and Docker image.
Full Documentation | Quickstart | Tool Reference | Blog Series
📖 New: AI ABAP Development blog series — long-form posts on AI for ABAP, ARC-1 design, and real-world BTP / Copilot Studio / Joule walkthroughs. Read the series →
Built for organizations that need AI-assisted SAP development with guardrails. Inspired by the pioneering work of abap-adt-api, mcp-abap-adt, and vibing-steampunk — ARC-1 adds what's needed to run in production:
SAP_ALLOW_* flagsSAP_DENY_ACTIONS (for example SAPWrite.delete), without exposing low-level operation codes to admins--allowed-packages "Z*,$TMP"). Read operations are not restricted by package — use SAP's native authorization for read-level access controlSAPRead(type=TABLE_CONTENTS) and SAPQuery are gated behind explicit env vars (SAP_ALLOW_DATA_PREVIEW=true, SAP_ALLOW_FREE_SQL=true). These capabilities can expose application data or run ad-hoc SQL, so they are intentionally separated from the default development-tooling surface. They can be enabled for governed use cases, but should be reviewed against the current SAP API Policy, your SAP agreement, and internal data-governance rules--allow-writes and --allow-transport-writes. Update/delete operations auto-use the lock correction number when no explicit transport is provided--allow-git-writes / SAP_ALLOW_GIT_WRITES=trueviewer, viewer-data, viewer-sql, developer, developer-data, developer-sql, or admin per key$TMP when enabled — only local/throwaway objects; writing to transportable packages requires explicit --allowed-packagesARC1_ALLOWED_ORIGINS (comma-separated, exact match). Off by default; native MCP clients don't need it/mcp edge (Layer 1, default 20/min/IP, on), per-user MCP quota (Layer 2, off by default — multi-user deployments opt in via ARC1_RATE_LIMIT=60), server-wide SAP-bound semaphore (Layer 3, default 10, on). Honors Retry-After on 429/503 from SAP / BTP gateways. Two operator env vars; per-endpoint OAuth ceilings are constants in code. Closes CodeQL alert js/missing-rate-limiting. See the Rate Limiting Guidenpm audit --audit-level=high PR gate, GitHub Dependency Review on every PR, CodeQL SAST, Trivy container scanning (gating on release, advisory on dev), all third-party GitHub Actions pinned to commit SHA, SECURITY.md policy with severity-tiered SLAs. Image and npm package both ship with provenance attestations. See the security guide §13OAuth2UserTokenExchange for BTP ABAP EnvironmentDeploy ARC-1 as a Cloud Foundry app on SAP BTP with full platform integration:
SAPContext(action="deps") is the first call for "what does this object do?": it returns the object's Knowledge Transfer Document (SKTD/KTD) when available plus public API contracts of dependencies in one call (7-30x compression)If-None-Match/ETag conditional GET, so unchanged objects return from cache after SAP confirms 304 Not Modified.SAPContext dep resolution keyed by source hash; unchanged objects skip all ADT calls on subsequent runs.SAPContext(action="deps") separately from the dependency graph, so cached dependency context can still include revalidated documentation.ARC1_CACHE_WARMUP=true to pre-index all custom objects at startup, enabling reverse dependency lookup (SAPContext(action="usages")) and fast CDS impact workflows (SAPContext(action="impact", type="DDLS")).SAPRead accepts version="active" | "inactive" | "auto" and warns when the active source has an unactivated draft.SAPWrite or SAPActivate mutates an object, both active and inactive source cache entries are dropped; next read revalidates or fetches fresh source.See docs/caching.md for full documentation.
104 unit test files, mocked HTTP)test:integration:slow, test:e2e:slow, GitHub SAP Slow Tests workflow)test:integration:crud, test:integration:btp:smoke)22 and 24; live SAP integration + E2E run on internal PRs and manual dispatch, with SAP jobs gated off for docs/chore PRs and external forksThe 12 tools are designed from real LLM interaction feedback:
| Tool | What it does |
|---|---|
| SAPRead | Read exact ABAP source, method bodies, grep matches, table data, CDS views, access controls (DCLS), metadata extensions (DDLX), service bindings (SRVB), knowledge-transfer docs (SKTD or friendly alias KTD), message classes (MSAG), revision history (VERSIONS/VERSION_SOURCE), inactive object state, BOR objects, deployed UI5/Fiori apps (BSP, BSP_DEPLOY), and ABAP Platform 2025 server-driven objects (DESD, EVTB, EVTO, DTSC, CSNM, COTA). For "what does this object do?" use SAPContext first, then SAPRead for precise source. On-prem metadata reads include authorization fields (AUTH), feature toggles (FEATURE_TOGGLE), and enhancement implementations (ENHO). Structured format for classes returns metadata + decomposed includes as JSON. Optional grep regex returns only matching source lines (+context, method-annotated for classes) for token-efficient search. (Deprecated aliases MESSAGES/FTG2 accepted for one minor.) |
| SAPSearch | Object search + full-text source code search across the system |
| SAPWrite | Create/update/delete ABAP source and DDIC metadata with automatic lock/unlock (PROG, CLAS, INTF, FUNC, FUGR, INCL, DDLS, DCLS, DDLX, BDEF, SRVD, SRVB, SKTD/KTD, TABL, DOMA, DTEL, MSAG; availability adapts for BTP). Class updates can target local includes (definitions, implementations, macros, testclasses); class-section surgery (edit_class_definition, add_method, edit_method_signature, delete_method, change_method_visibility) lets an LLM edit a global class signature without re-sending /source/main; RAP behavior-pool scaffolding can auto-create lhc_* skeletons before injecting signatures/stubs. Batch creation supports terminal activation for interdependent multi-object workflows (e.g., RAP stack or domain+data element in one call) |
| SAPActivate | Activate ABAP objects — single or batch (essential for RAP stacks), with guarded retry for the S/4HANA ED064 batch quirk. Publish/unpublish OData service bindings (SRVB) |
| SAPNavigate | Go-to-definition, find references, code completion |
| SAPQuery | Execute ABAP SQL with table-not-found suggestions and automatic chunking for simple long literal IN (...) lists |
| SAPTransport | CTS transport management (list/get/create/release/delete/reassign/release-recursive), transport layer/target lookup, package transport requirement checks, and reverse lookup history (action="history") |
| SAPGit | Git-based ABAP workflows across gCTS and abapGit (list/clone/pull/push/commit/branch/unlink) with backend auto-selection and safety gating (--allow-git-writes) |
| SAPContext | Context-first object understanding (action="deps"): prepends the object's KTD when available and returns compressed dependency contracts. Also supports reverse dependency lookup (action="usages") and CDS upstream/downstream impact analysis (action="impact" for DDLS) |
| SAPLint | Local ABAP lint (system/release-aware presets, auto-fix, pre-write validation) + ADT PrettyPrint (server-side formatting) |
| SAPDiagnose | Syntax check, ABAP Unit tests, ATC code quality, CDS test-case suggestions, active/inactive object-state comparison, generic ADT quickfix proposals/application deltas, gateway/system message diagnostics, short dumps, and profiler traces |
| SAPManage | Feature probing, cache statistics, package lifecycle/change-package operations, and FLP catalog/group/tile helpers |
Tool definitions automatically adapt to the target system (BTP vs on-premise), removing unavailable types and adjusting descriptions so the LLM never attempts unsupported operations.
ARC-1 probes the SAP system at startup and adapts its behavior:
SAP's current SAP API Policy is v.4.2026a. It allows published/documented APIs for the purposes described in SAP documentation, while restricting unsupported internal APIs, misuse, unman
$ claude mcp add arc-1 \
-- python -m otcore.mcp_server <graph>