ALM X++ MCP Server

[~] PRIORITY TRIGGER: Use this tool when the user says 'analyse PR', 'review PR', 'check PR', 'PR #', 'impact du PR', 'analyse la PR', 'what changed in PR', 'D365 impact of PR', 'code review PR', 'violations in PR', 'PR review'. NEVER call search_d365_code when 'PR' or 'Pull Request' + a number is mentioned. Analyse the full D365 F&O code impact of a Pull Request. For every X++ class/table/form/extension modified in the PR: (1) Best Practice validation -- reports Critical and Warning violations. (2) Upgrade impact -- cross-references CoC targets, event handlers, and extensions against the D365 standard code. (3) Extension conflicts -- finds existing CoC/extensions that may conflict. (4) Produces a ready-to-post PR review comment addressed to the PR author. After reviewing, call ado_post_pr_comment to post the review (requires user confirmation). Requires DEVOPS_ORG_URL + DEVOPS_PAT (Code: Read).

AZURE DEVOPS ONLY -- Fetch a Work Item and assemble ALL technical context needed for D365 F&O expert analysis. [~] PRIORITY TRIGGER: 'analyse le workitem', 'analyse la tâche', 'analyse le FDD/RDD/CR/IDD', 'read the work item', 'check the bug', 'look at ticket', 'review task', '#1234', 'WI#', 'WI ', 'item #'. NEVER for: labels (@SYS/@TRX/@FIN), X++ code lookup, AOT objects -- use search_labels / search_d365_code instead.

WHAT THIS TOOL RETURNS

Raw structured context only -- NOT a finished analysis. The tool returns:

1. Work item metadata (title, description, repro steps, acceptance criteria, comments)

2. D365 standard KB object details: fields, methods, code snippets for every matched object

3. Custom code on disk (Aprolis extension): existing CoC methods, extension bodies

4. Chain of Command / relation graph for all impacted objects

YOUR JOB AS COPILOT AFTER CALLING THIS TOOL

You MUST synthesize the raw context into a precise developer-ready analysis IN FRENCH. Write it in a professional tone, as if authored by a senior D365 consultant -- no emojis, no icons. The analysis must contain these sections:

1. Compréhension du besoin -- résume ce que le client demande en 2-3 phrases claires

2. Analyse technique -- identifie la cause racine en croisant le besoin + les objets KB + le code custom

3. Instructions de développement -- liste ordonnée et précise : quel objet, quelle méthode, quoi modifier

   • Si une extension custom existe sur disque -> pointer exactement quelle méthode à modifier

   • Si pas d'extension -> indiquer quel CoC créer, sur quel objet standard, quelle méthode

4. Estimation -- chiffrage en heures/jours selon la complexité détectée

5. Commentaire ADO -- Texte markdown sans icônes, prêt à poster sur le WI analysé UNIQUEMENT. IMPORTANT: never post (never call ado_post_comment) on any linked/related work item -- only on the analyzed WI.

Requires DEVOPS_ORG_URL + DEVOPS_PAT env vars.

WHEN: user asks to create a DevOps Task or start development on a Work Item. Triggers: 'create task', 'créer une tâche', 'start development on', 'commencer le dev sur', 'créer un task ADO', 'new development task for WI'. Create a D365 F&O development Task work item in Azure DevOps following the project naming convention. Rules applied automatically based on the parent work item: (A) Parent title starts with a project prefix + digits (FDD/RDD/IDD/CR/...) => Task named '{Prefix} - N - {Title}', Task is child of that WI, branch '{Prefix}Task{id}'. (B) Selected WI is related to a prefixed WI (e.g. a Bug linked to a CR) => Task is child of the prefixed WI, Bug is 'related' to the Task, same naming. (C) No prefixed relation => Task named '{3-letter-type}{wiId} - N - {Title}', child of selected WI, branch '{3-letter-type}{wiId}Task{id}'. The N counter increments automatically based on existing sibling tasks. A Git branch is created automatically in the repository. Assignee and CC list are embedded in the task description. LANGUAGE RULE: write the 'description' (Proposed Solution) in the same language the user used in their request. Default is English. If the user wrote in French, write the solution in French. Static section labels (headers, field names) remain in English. Requires DEVOPS_ORG_URL + DEVOPS_PAT (Work Items: Read & Write, Code: Read & Write).

WHEN: user asks for an effort estimate, chiffrage, or development hours for a D365 Work Item. [~] PRIORITY TRIGGER: call AFTER ado_analyze_workitem when the user asks 'how long?', 'estimate this', 'chiffre ce WI'.

[t] EFFORT ESTIMATOR -- Estimate D365 F&O development effort for a Work Item. Uses KB signals (object count, method complexity, existing extensions, relation depth) combined with ADO history (similar past tasks) to produce a structured hour estimate broken down by phase: Analysis / Dev / Test / Deploy.

Returns:

• Per-phase hour breakdown (table)

• KB signals used (objects found, extensions, complexity flags)

• Confidence level and risk factors

• Ready-to-paste estimate for ADO task Original Estimate field

Triggers: 'estimate WI #N', 'how long for WI #N', 'chiffrage WI #N', 'effort estimate', 'combien de jours pour', 'combien d'heures pour'.

WHEN: user asks whether a D365 requirement is standard, needs config, needs an extension, or is a full gap. Also triggered by gap analysis or fit/gap classification of a Work Item.

GAP / FIT CLASSIFIER -- Analyse a D365 F&O requirement (from an ADO Work Item OR plain text) and classify it as one of four verdicts: [OK] Standard Fit -- D365 covers this out-of-the-box, no dev needed [gear] Config Fit -- D365 has it but requires parameter / profile setup Extension Fit -- Standard process exists; a CoC/event-handler is enough [X] Gap -- No standard coverage; custom development required

For each requirement block the tool returns: -- Detected D365 domain (Settlement, PaymentJournal, DataImport, ...) -- Standard objects found in KB and their process step -- Existing extensions in the custom model (if ALM_CUSTOM_MODEL_PATH is set) -- Effort estimate (hours) and a one-paragraph reasoning

Triggers: 'analyse the requirement', 'is this a gap or fit', 'gap analysis WI #N', 'standard or custom for WI #N', 'does D365 cover this'.

[~] PRIORITY TRIGGER: Use this tool when user mentions 'PR', 'Pull Request', 'list PRs', 'show PRs', 'active PRs', 'mes PR', 'liste des PR', 'pull requests ouverts', 'what PRs are open', 'PRs by [author]', 'PRs targeting [branch]'. NEVER call search_d365_code for PR listing requests. List Pull Requests in an Azure DevOps Git repository. If repositoryId is unknown, omit it and all repositories will be listed first. Filters: status (Active/Completed/Abandoned/All), author display name, target branch. Returns: PR ID, title, author, source->target branch, review status, linked work items, creation date. Use ado_analyze_pr_impact with a PR ID to get full D365 code impact analysis. Requires DEVOPS_ORG_URL + DEVOPS_PAT (Code: Read scope).

WHEN: user explicitly asks to post, add, or save a comment to an ADO Work Item. [~] PRIORITY TRIGGER: call AFTER ado_analyze_workitem when user says 'post the analysis', 'save it to the ticket', 'ajoute en commentaire'. WARNING: ALWAYS ask for explicit user confirmation before calling this tool. Recommended workflow: (1) call ado_analyze_workitem, (2) show analysis to the user, (3) ask 'Shall I post this comment to Work Item #X?', (4) only then call this tool. Requires DEVOPS_ORG_URL + DEVOPS_PAT with Work Items: Write permission.

WHEN: user explicitly asks to post, add, or save a review comment to an ADO Pull Request. [~] PRIORITY TRIGGER: call AFTER ado_analyze_pr_impact when user says 'post the review', 'add comment to PR', 'ajoute le commentaire sur la PR'. WARNING: ALWAYS ask for explicit user confirmation before calling this tool. Recommended workflow: (1) call ado_analyze_pr_impact, (2) show the result, (3) ask 'Shall I post this review comment to PR #X?', (4) only then call this tool. Requires DEVOPS_ORG_URL + DEVOPS_PAT (Pull Request Threads: Read & Write).

AZURE DEVOPS ONLY -- Query Work Items (Bugs, Tasks, FDDs, User Stories, CRs) in Azure DevOps. [~] PRIORITY TRIGGER: use this tool when the user mentions 'FDD', 'RDD', 'IDD', 'CR', 'Task', 'Workitem', 'Work Item', 'Bug', 'User Story', 'Feature', 'Issue', 'ticket', 'sprint', 'backlog', 'DevOps', 'liste des tâches', 'show tasks', 'find bugs', '#1234', 'WI#'. NEVER use this tool for: D365 labels (@SYS/@TRX), X++ code, AOT objects, tables, classes, forms, enums, error messages, 'c'est quoi le label', 'search_labels', 'libellé', 'label D365'. For labels -> use search_labels. For D365 code -> use search_d365_code or get_object_details. Shortcuts: 'bugs' (all active bugs), 'my bugs' (assigned to me), 'recent' (updated last 7 days), 'sprint' (current iteration). Or pass any WIQL SELECT statement or a free-text title search. Use '*' with filters only. Returns max 50 work items with ID, title, type, state, priority, area, assigned-to. Requires DEVOPS_ORG_URL + DEVOPS_PAT env vars.

WHEN: upgrading D365 F&O to a new version or applying a Microsoft update -- check if your custom code will break. Triggers: 'upgrade D365', 'mise à niveau', 'will this break after upgrade', 'compatibilité après upgrade', 'impact de la mise à jour', 'check CoC targets after update'. Analyze upgrade risk for your custom D365 F&O model. Cross-references EVERY Chain of Command target, event handler hook, table/form/class extension, and hard-coded object reference in your custom model against the standard indexed codebase. Detects: removed objects, changed method signatures, deprecated APIs (RunBase, Dialog, WinAPI, COM), [Hookable(false)] and [Wrappable(false)] extensibility blocks, renamed fields, and internal methods. Returns a prioritized risk report with fix recommendations. Requires ALM_CUSTOM_MODEL_PATH.

WHEN: you need context on multiple D365 objects or concepts simultaneously -- runs all queries in parallel. Use INSTEAD of multiple sequential search_d365_code calls -- each line becomes one parallel search. Maximum 6 queries per call. Results are equivalent to search_d365_code but returned together.

Triggers: 'find all of these', 'look up multiple', 'cherche plusieurs', 'SalesTable AND VendTable', 'several objects at once', 'lookup X and Y and Z', 'plusieurs objets en même temps', 'context on all of these'.

WHEN: slow query, performance review, or N+1 query check on ANY D365 F&O object (custom or standard). Triggers: 'performance', 'lent', 'slow', 'optimise', 'N+1', 'requête dans une boucle', 'query in loop', 'perf issues', 'slow query', 'requête lente', 'optimise ce code', 'missing firstonly', 'set-based'. Detects: N+1 queries, queries in loops, missing field lists, row-by-row inserts/updates, missing firstonly. [!] Auto-fixing is only possible on YOUR custom code (ALM_CUSTOM_MODEL_PATH). Standard D365 objects return issues as read-only analysis.

WHEN: user asks how an approval workflow works, who approves a document, what states it goes through, or what happens on submission/rejection. NOT for technical workflow class details -- use get_object_details.

WORKFLOW EXPLAINER (Business Language) -- Explains a D365 approval workflow: who approves, what states exist, and what happens on approval or rejection. Output is plain business language -- no X++ or workflow engine jargon.

Triggers: 'explain the workflow for', 'how does the approval work', 'qui approuve', 'workflow states for', 'étapes du workflow', 'approval process for', 'circuit d'approbation', 'what happens when a user submits'.

Find who calls a D365 F&O method/class AND get the full cross-reference profile from the compiled XRef DB. Covers ALL reference kinds: Call graph (who calls this method, what does it call), Usage (who references this type), Inheritance (base class chain, sub-classes), Interface (what interfaces implemented, what classes implement an interface), Overrides (which method is overridden, which sub-classes override it), Attributes (which decorators are applied). Requires xref_index.json.gz generated from DYNAMICSXREFDB by GenerateCache --xref-conn. Triggers: 'qui appelle', 'who calls', 'call chain', 'callers of', 'où est appelé', 'qui hérite', 'qui implémente', 'qui override', 'quels attributs'.

WHEN: developer needs to integrate via OData and wants to find the entity name for a given table. Also generates a new entity template when none exists and generateIfMissing=true. Triggers: 'which entity exposes', 'OData entity for', 'find entity for', 'quelle entité expose', 'DMF entity for', 'create data entity', 'expose via OData', 'generate entity', 'entité de données'. Find D365 F&O data entities that expose a given table for OData/DMF integrations. Answers: 'Which entity exposes SalesTable for OData?' Scans all indexed AxDataEntityView objects to find entities with matching data sources. Returns entity name, public entity name (for OData URL), IsPublic status, key fields, and all data sources. Essential for integration development. Set generateIfMissing=true to auto-generate an AxDataEntityView XML template when no public entity is found.

WHEN: a user encounters an error message, infolog error, or runtime exception in D365. Also handles business-language error explanation when audienceType='business'. Triggers (developer): 'fix this error', 'what causes', 'exception thrown', 'infolog error', 'update conflict', 'outside tts', 'number sequence'. Triggers (business): 'what does this error mean', 'explain this error to me', 'user gets error X', 'que signifie cette erreur', 'message d'erreur', 'what should the user do when they see this error'. Find known D365 F&O error patterns matching an error message or symptoms description. Matches against a built-in database of common errors (transaction conflicts, security issues, number sequences, posting errors, batch problems, etc.), resolves D365 label IDs from error text (e.g. user sees 'Number sequence not set up' -> finds @SYS70535 -> finds the throwing code), and searches the indexed codebase. Returns root causes, step-by-step resolution, label matches, and source code locations. Set audienceType='business' for a plain-language explanation targeted at end users instead of developers.

WHEN: before modifying an object -- check existing customizations. Triggers: 'extensions de', 'CoC sur', 'qui étend', 'event handlers for', 'customizations of', 'avant de modifier'. Finds ALL extension objects (AxClassExtension, AxTableExtension, AxFormExtension), Chain of Command (CoC) classes, and event handlers for a base object. NOT for general references -- use find_references for that.

WHEN: impact analysis -- 'what breaks if I change X?', 'where is this used?'. Triggers: 'qui utilise', 'impact de la modification', 'what uses', 'where is X referenced', 'before deleting', 'où est utilisé', 'impact of changing', 'all usages of', 'qui appelle ce champ', 'find all references to', 'tout ce qui utilise'. Full index scan to find ALL objects that reference a given name in code or metadata. For label IDs (e.g. '@SYS124480' or '@SYS:124480'): automatically searches BOTH forms simultaneously -- the short form appears in X++ code, the colon form appears in metadata (Label: property). WORKFLOW for labels: (1) search_labels to get the label text, (2) find_references with the label ID to find all usages in forms/tables/classes/reports. NOT for extensions only -- use find_extensions for CoC/event handlers specifically.

WHEN: you need ALL relations, schema, or foreign keys of a D365 object. Triggers: 'what tables are linked to', 'quelles tables sont liées à', 'relations de', 'qui référence', 'foreign keys of', 'before generating code for', 'show me the schema', 'what joins to', 'table structure', 'liens entre tables', 'structure de la table', 'all FK of', 'dépendances de', 'linked tables', 'related tables'. Returns outgoing FK/DeleteAction/DataSource relations AND incoming back-references. ALWAYS call this BEFORE generating any code that touches multiple objects.

WHEN: generating a visual diagram of D365 table relationships or security chains. Triggers: 'generate diagram', 'diagramme', 'visualize', 'schéma', 'ER diagram', 'entity-relationship', 'relation diagram', 'security diagram', 'show connections'. Generate visual Mermaid diagrams from D365 F&O knowledge base data. Diagrams render directly in Copilot Chat, Cursor, Claude, and markdown viewers. Types: 'er' (entity-relationship diagram for a table and its relations), 'security' (security chain: Role->Duty->Privilege->EntryPoints). Note: 'flow' (execution flowchart) is disabled -- static call trees are misleading in D365 due to CoC and event handlers.

WHEN: user asks to write or generate a Functional Design Document, FDD, functional spec, CdC, or cahier des charges. NOT for developer technical docs -- use get_object_details for that.

FUNCTIONAL DESIGN DOCUMENT GENERATOR -- Produces a structured FDD ready for review and sign-off.

Sections generated: Purpose, Business Context, Data Fields (with resolved labels), Business Rules, Related Objects, Security, and Open Questions.

Triggers: 'write FDD for', 'generate FDD', 'functional spec for', 'document this process', 'write functional design', 'rédiger le cahier des charges', 'CdC pour', 'fiche de conception'.

WHEN: developer needs correct X++ select or T-SQL for D365 tables with proper joins. Triggers: 'X++ select', 'generate a query', 'SQL for', 'join with', 'how to query', 'générer une requête', 'write a select statement', 'select from', 'X++ query for', 'requête X++', 'écrire une select'. Generate both X++ select statements and equivalent T-SQL queries for D365 F&O tables. Uses real field names, relations, and indexes from the knowledge base to produce correct joins. Supports: field selection, multi-table joins (auto-detects relations), WHERE filters, ORDER BY, TOP/firstonly, cross-company. Also accepts natural language descriptions like 'find all open sales orders for customer 1001 with CustTable join'. [!] The generated X++ is a template -- adapt it to your custom code context before using in production. Returns side-by-side X++ and SQL with explanations.

WHEN: developer needs to write or scaffold unit tests for a custom D365 object. Triggers: 'generate tests', 'unit test', 'SysTest', 'write test for', 'scénarios de test', 'test this class'. Generate X++ SysTest unit test code for a CUSTOM D365 F&O object based on functional test scenarios. [!] Only meaningful on custom/extension code (ALM_CUSTOM_MODEL_PATH). SysTest tests in D365 are highly context-specific -- a generic template rarely compiles without adaptation. REQUIRED: provide test scenarios in the 'testScenarios' parameter (supplied by the functional consultant). Each scenario becomes a concrete test method with arrange/act/assert. For tables: generates tests for find(), exist(), validateWrite(), initValue(). For classes: generates stubs for each public method listed in scenarios. Uses REAL field names and method signatures from the knowledge base.

WHEN: you know the EXACT object name. Triggers: user gives an exact name like 'SalesTable', 'CustTable', 'VendInvoiceJour', any PascalCase D365 object name. Get complete details: all fields, methods, relations, indexes, source code, and metadata. Also merges live disk source when a custom model path is configured (disk takes priority). Pass methodName to get the FULL body of a specific method -- without it, only signatures are returned. NOT for searching -- use search_d365_code when the name is uncertain. NOT for listing a model's objects -- use list_objects for that.

WHEN: developer wants to see what custom/extension objects exist in their model. Triggers: 'list my custom objects', 'what have we customized', 'show ISV objects', 'list custom model', 'what objects are in our model'. List all D365 F&O objects in the custom/extension model directory on disk. Reads the file system directly -- always reflects the latest uncommitted state. Pass customModelPath to specify a model directory; or set it once via the X-Custom-Model-Path header in your .mcp.json (applies to all tool calls automatically).

WHEN: you need ALL objects of a given type or in a given model. Triggers: 'list all tables in ALM', 'show all classes', 'quels objets dans le modèle', 'give me all forms'. Full index scan -- returns EVERY matching object, not just top search results. Use to discover what tables, classes, forms, enums, etc. exist in a specific model. When no filters are given and a custom model is configured, defaults to listing that model. NOT for a single object -- use get_object_details. NOT for natural language search -- use search_d365_code.

WHEN: mapping the technical D365 objects behind a business process, or understanding which tables/forms implement a flow. Triggers: 'processus métier', 'Order-to-Cash', 'Procure-to-Pay', 'Record-to-Report', 'business process flow', 'qui est impliqué dans', 'map the process', 'flux du processus', 'quels objets dans le flux'. Map a D365 F&O business process to its complete object chain. For known processes (Order-to-Cash, Procure-to-Pay, Record-to-Report, Plan-to-Produce, Inventory-Management, Hire-to-Retire, Project-Accounting, Asset-Lifecycle): shows every step with forms, tables, classes, entities, reports, and security roles involved. For any other object name: traces all dependencies (tables, classes, forms, entities) from that entry point. Produces a Mermaid process flow diagram. Use 'list' to see all known process mappings.

WHEN: object name is unknown, partial, or you need to find by concept/keyword. Triggers: 'find', 'search', 'look for', 'chercher', 'trouver', 'où est', 'comment fonctionne', 'what is', 'show me'. Search the D365 F&O knowledge base for X++ code, tables, classes, forms, views, enums, EDTs, security objects using natural language or partial names. Returns matching code chunks ranked by relevance. NOT for listing all objects in a model -- use list_objects for that. NOT when the exact name is known -- use get_object_details for that. NEVER use this tool when the user mentions: 'FDD', 'RDD', 'IDD', 'Task', 'Workitem', 'Work Item', 'Bug', 'PR', 'Pull Request', 'ticket', 'DevOps', 'sprint', 'backlog', '#1234', 'WI#', 'analyse le workitem', 'analyse la tâche', 'analyse le FDD'. For those, always use ado_query_workitems, ado_analyze_workitem, ado_list_prs, or ado_analyze_pr_impact instead.

Search D365 F&O labels across all indexed languages. Given text (e.g. 'Sales order'), finds the matching label ID (@SYS12345). Given a label ID (e.g. '@SYS12345' or '@SYS:12345'), finds the text in all languages. Accepts both D365 short form (@SYS124480) and colon form (@SYS:124480) -- both are normalized automatically. Searches across 1 000 000+ label entries. WORKFLOW: call search_labels first to resolve the label text, then call find_references with the same label ID to find ALL X++ objects (forms, tables, classes, reports) that use it in their code or metadata. Languages: en-US and fr are loaded at startup. Other languages (de, nl, ar, es, zh...) are loaded on-demand -- first call ~15s, then instant.

WHEN: adding a new field to a table -- find the best existing D365 EDT to extend instead of using raw primitives (str, int64, real, date). Triggers: 'what EDT for', 'which EDT should I extend', 'quel EDT pour', 'quel type étendu', 'EDT for a field'. D365 best practice mandates EDT reuse over raw primitive types. Call BEFORE declaring any field with a primitive type. Returns ranked candidate EDTs with their base type, label, and model.

WHEN: developer wants to improve code quality before a PR merge or code review. Triggers: 'refactor', 'clean up', 'simplify', 'too long method', 'nested ifs', 'code smells', 'améliorer le code'. Suggest concrete refactoring actions for YOUR custom D365 F&O X++ code. [!] Only runs on custom/extension code (ALM_CUSTOM_MODEL_PATH). Refactoring standard Microsoft code is not actionable. Analyzes: long methods (extract method), deep nesting (guard clauses), row-by-row operations (set-based), large switch statements (strategy pattern), hardcoded strings (constants), unprotected CLR calls (error handling), wide transactions (narrow scope). Returns before/after code examples.

WHEN: security design, licence audit, or 'what licence does this role require?'. Triggers: 'arborescence du rôle', 'licence nécessaire pour', 'what licence for role', 'role tree', 'droits du rôle', 'entry points of role', 'privilege tree for'. Builds the COMPLETE tree for ONE role: Role -> Duties -> Privileges -> Entry Points. For each entry point, classifies the required D365 licence per the March 2026 Licensing Guide: Team Members (~$8/user/mo, read-only + named tasks), Operations-Activity (~$50, warehouse mobile & production floor), Finance (~$180), Supply Chain Mgmt (~$180), Human Resources (~$22), Project Operations (~$120), Commerce (~$180). Grant-level aware: NoAccess/Read/View -> Team Members; Activity writes -> Operations-Activity; transactional writes -> full product licence based on functional area. Confidence: High (known module prefix) . Medium (keyword) . Low (fallback). Ends with a Optimization section: Team Members / Activity eligibility, role-split opportunities, per-user/month cost estimates (March 2026 MSRP). Always validate against the Microsoft D365 Licensing Guide. For a full multi-role scan use generate_security_governance_report.

WHEN: security audit -- need the TECHNICAL chain from Role/Duty/Privilege to Entry Points and Table/Form permissions. Also handles BUSINESS-LANGUAGE role explanation when businessLanguage=true. Triggers (technical): 'sécurité de', 'who can access', 'security for', 'role duty privilege', 'droits sur', 'technical security chain', 'trace le rôle', 'what privileges does', 'what duties are assigned', 'which role allows', 'accès au formulaire', 'what roles have access', 'quel rôle donne accès'. Triggers (business language): 'what can a user with role X do', 'explain this role', 'what does this role give access to', 'quel accès donne ce rôle', 'droits du rôle', 'what licence does this role need', 'droits requis pour'. Traverses: Role -> Duties -> Privileges -> Entry Points -> Table/Form Permissions. Set businessLanguage=true for plain-language capability list (no Duty/Privilege IDs). NOT for licence cost inference per entry point -- use trace_role_license_tree for that.

WHEN: code review, quality gate, or best-practice audit on ANY D365 F&O object (custom or standard). Triggers: 'vérifie les bonnes pratiques', 'check quality', 'code review', 'violations', 'best practices pour', 'audit du code', 'check this class', 'any issues in', 'vérifie cette classe', 'quality check', 'bonnes pratiques sur'. Checks: security vulnerabilities, performance issues, transaction problems, error handling, code quality. NOT for deep performance profiling (N+1 queries, row-by-row inserts) -- use detect_performance_issues for that. [!] Auto-fixing violations is only possible on YOUR custom code (ALM_CUSTOM_MODEL_PATH). Standard D365 objects return read-only violation analysis.