CodeAtlas MCP Enterprise
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@CodeAtlas MCP EnterpriseShow me the dependency graph for the payment module"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
CodeAtlas MCP Enterprise
Enterprise-Grade, Local-First MCP Server for AI-Powered Code Intelligence
CodeAtlas MCP Enterprise is an ultra-lightweight, local-first Model Context Protocol (MCP) server that securely indexes your codebase, performs deep AST-based analysis, and provides 20+ intelligent tools for AI code assistants. Your source code never leaves your machine.
π Table of Contents
Related MCP server: nexus-mcp-ci
π― Why CodeAtlas MCP?
AI code assistants are powerful β but they work best with context. CodeAtlas gives them X-ray vision into your codebase by:
π Deep parsing β Understands JavaScript, TypeScript, Python, and PHP at the AST level
π§ Persistent memory β Retains insights across conversations via Dreaming Memory
π Zero data leakage β All parsing happens locally, no source code ever transmitted
β‘ Blazing fast β Full codebase analysis in seconds, incremental re-indexing
π Universal compatibility β Works with any MCP-compatible editor (Cursor, Claude, VS Code, Windsurf, Copilot)
β¨ Features
Feature | Description |
π Local-First Parsing | AST analysis runs entirely on your machine β zero code uploaded |
π MCP Protocol | Works with all MCP-compatible AI editors |
π Auto Workspace Discovery | Automatically finds projects in your workspace |
π Multi-Language AST | JavaScript, TypeScript, Python, PHP with deep dependency resolution |
π§ Dreaming Memory | Persistent AI memory with vector search for cross-session context |
π Multi-Tenant Isolation | Isolate projects by workspace with sandbox boundaries |
π API Key Auth | Secure communication via cryptographic hash verification |
β‘ Incremental Indexing | Only re-parses changed files for near-instant updates |
ποΈ Knowledge Graph | Visualize modules, classes, and functions as an interactive graph |
π Remote Sync | Optionally sync metadata to CodeAtlas Enterprise via HTTPS |
π Code Metrics | LOC, complexity scores, function counts per project |
π‘οΈ Security Scanner | Detect hardcoded secrets, unsafe functions, SQL injection |
π Real-time Watching | Auto re-index on file changes via chokidar |
π Architecture Overview
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Your Local Machine β
β β
β ββββββββββββ ββββββββββββββ ββββββββββββββββββ β
β β Source βββββΆβ AST βββββΆβ MCP Server β β
β β Code β β Parser β β (this tool) βββββΌβββΆ AI Editor
β β (JS/TS/ β β (local) β βββββββββ¬βββββββββ β
β β PY/PHP)β ββββββββββββββ β β
β ββββββββββββ β β
β βΌ β
β ββββββββββββββββββββ β
β β Dreaming Memory β β
β β (optional: sync) β β
β ββββββββββ¬ββββββββββ β
βββββββββββββββββββββββββββββββββββββββββββββΌββββββββββββββββ
β HTTPS (optional)
βΌ
CodeAtlas Enterprise Serverπ Quick Start
Prerequisites
Node.js v18.0.0 or higher (v20+ recommended)
Install Globally
npm install -g codeatlas-enterpriseRun
# Scan current directory and start MCP server
codeatlas-mcp
# With API key for remote sync
codeatlas-mcp --apiKey="your_api_key_here"
# Point to a specific project directory
codeatlas-mcp --projectDir="/path/to/your/project"That's it! Your AI editor can now connect to the MCP server running on stdio.
π Authentication
Provide your API Key in one of these ways:
Environment Variable:
export CODEATLAS_API_KEY="your_api_key_here"CLI Argument:
codeatlas-mcp --apiKey="your_api_key_here"Local
.envFile (in the directory where you run the command):CODEATLAS_API_KEY=your_api_key_here
π AI Editor Integration
Cursor
Add to ~/.cursor/mcp.json or project-level .cursor/mcp.json:
{
"mcpServers": {
"codeatlas": {
"command": "codeatlas-mcp",
"args": ["--apiKey", "YOUR_API_KEY_HERE"]
}
}
}Claude Desktop
Add to claude_desktop_config.json:
{
"mcpServers": {
"codeatlas": {
"command": "codeatlas-mcp",
"args": ["--apiKey", "YOUR_API_KEY_HERE"]
}
}
}VS Code / Windsurf / Copilot
For any MCP-compatible editor, use the same JSON structure:
{
"mcpServers": {
"codeatlas": {
"command": "codeatlas-mcp",
"args": ["--apiKey", "YOUR_API_KEY_HERE"]
}
}
}Note: If you're running without a remote server, omit the
--apiKeyargument. The local MCP tools (analysis, search, graph) work fully offline.
π MCP Tools Reference
CodeAtlas MCP exposes 20+ tools organized into categories:
Analysis & Indexing
Tool | Description |
| Trigger full AST analysis of the current project |
| Get entities tree (modules, classes, functions, variables) |
| List all entities defined in a specific file |
Code Exploration
Tool | Description |
| Search for functions, classes, modules by name (fuzzy) |
| Search source file contents for any text or regex |
| Read file contents with line numbers |
Dependency & Impact Analysis
Tool | Description |
| Find all functions/callers that reference a symbol |
| Find everything a function/module imports or calls |
| Full blast radius: callers + callees + test files |
| Get import/call/containment/implements relationships |
Visualization & Diagrams
Tool | Description |
| Mermaid flowchart of module architecture |
| Mermaid sequence/flow diagram for a feature |
| Ordered call chain from entry point to database |
Memory & Persistence
Tool | Description |
| Semantic vector search across past AI memories |
| Persist an AI insight or observation for future sessions |
| Retrieve business rules and change logs |
| Save business rules or change descriptions |
Security & Architecture
Tool | Description |
| Scan all projects for hardcoded secrets, unsafe functions, SQL injection |
| Detect circular dependencies, God objects, dead code |
Project Operations
Tool | Description |
| List all discovered and indexed projects |
| Re-scan directories for new or removed projects |
| AI-generated refactoring and maintainability suggestions |
π Security Model
π Local-First by Design
CodeAtlas MCP Enterprise follows a zero-trust, local-first architecture:
Parsing is local β All source file reading, AST generation, and relationship mapping happens on your machine. No source code is ever uploaded.
No credentials embedded β The package contains zero database passwords, Firebase configs, or private server keys. All remote communication uses standard HTTPS with Bearer token auth.
Encrypted sync β If you enable remote sync, metadata is transmitted over HTTPS. The server authenticates via cryptographic hash of your API key.
π What Gets Sent (When Sync is Enabled)
Only structural metadata is transmitted:
File paths and names (relative to project root)
Function/class/module names and line numbers
Import/export relationships
Analysis statistics (file count, LOC, complexity)
Raw source code, credentials, and proprietary logic are never transmitted.
π Multi-Tenant Isolation
When multi-tenant mode is enabled:
Each tenant's projects are isolated in separate sandbox directories
Path traversal attacks are blocked by strict boundary validation
Memory and analysis data are scoped per-tenant
π Multi-Tenant Mode
Enable tenant isolation via environment variables:
CODEATLAS_MULTI_TENANT=true
CODEATLAS_PROJECTS_ROOT=./tenantsEach tenant's projects live in ./tenants/{tenantId}/, with strict path-boundary enforcement.
π Environment Configuration
Variable | Default | Description |
| β | API key for authenticating with remote server |
|
| Remote CodeAtlas server URL |
|
| Enable multi-tenant isolation |
|
| Root directory for tenant sandboxes |
|
| Default project path |
|
| Environment mode |
βοΈ How It Works
Start β Run
codeatlas-mcpin your project directory or point it with--projectDirAuto-Discover β The server scans for projects by detecting
package.json,pyproject.toml,composer.jsonAST Parse β Each source file is parsed into an Abstract Syntax Tree
Build Graph β Modules, classes, functions, and their relationships form a Knowledge Graph
Serve MCP β AI editors query the graph through 20+ MCP tools
Dream β Insights persist across sessions via Dreaming Memory (optional remote vector store)
π License
MIT Β© 2026 Giau Phan
π Related Projects
CodeAtlas AI β Full enterprise server with Oracle 26ai memory, dashboard, security scanner
npm package β Install via npm
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/giauphan/codeatlas-mcp-server'
If you have feedback or need assistance with the MCP directory API, please join our Discord server