MCP SAPUI5 Server

78 tools. 38 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

38 can modify or destroy data
40 read-only
78 tools total

Community server · catalogue entry verified 03/07/2026

How to control MCP SAPUI5 Server ↓

What MCP SAPUI5 Server exposes to your agents

Read (40) Write / Execute (37) Destructive / Financial (1)
Critical Risk

The most dangerous MCP SAPUI5 Server tools

38 of MCP SAPUI5 Server's 78 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control MCP SAPUI5 Server

PolicyLayer is an MCP gateway — it sits between your AI agents and MCP SAPUI5 Server, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "rollback_project_patch": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "apply_agent_pack": {
    "limits": [
      {
        "counter": "apply_agent_pack_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "analyze_current_file": {
    "limits": [
      {
        "counter": "analyze_current_file_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register MCP SAPUI5 Server — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON MCP SAPUI5 →

Instant setup, no code required.

All 78 MCP SAPUI5 Server tools

WRITE 31 tools
Write apply_agent_pack Apply a saved agent pack to the current project with fingerprint verification and scaffolded materialization. Write apply_project_patch Apply one or more safe workspace file changes and create rollback metadata for later restore. Write collect_legacy_project_intake Collect and persist legacy-project contextual intake to improve AI guidance quality while minimizing repeated Write deploy_runbook_generator Generate a deployment runbook (Cloud Foundry or On-Premise) from precheck signals, with dry-run preview and sa Write ensure_project_mcp_current Automatically audit and upgrade MCP project artifacts to the current managed layout when needed. Write generate_javascript_function Generate an ES2022 JavaScript or TypeScript function with JSDoc for browser or Node runtime. Write generate_pr_description Generate a structured PR description from Git diff context, including testing, risk, and rollback guidance. Write generate_ui5_controller Generate a SAPUI5 controller skeleton with lifecycle hooks and JSDoc. Write generate_ui5_feature Generate an end-to-end UI5 feature scaffold (view/controller/fragment/routing/i18n) with dry-run support. Write generate_ui5_formatter Generate a formatter module that follows SAPUI5 module structure. Write generate_ui5_fragment Generate an XML SAPUI5 fragment skeleton with proper namespaces. Write generate_ui5_view_logic Generate UI5 view-controller event logic methods for XML views. Write manage_ui5_i18n Extract UI literals, detect missing/unused i18n keys, and optionally apply fixes with safe preview/apply patch Write materialize_recommended_agents Materialize recommended agents into project artifacts by generating blueprint/guide/prompt and optional MCP co Write merge_action_plan Create a safe, non-destructive merge action plan (strategy, staged checklist, and suggested commands) from mer Write prepare_legacy_project_for_ai Prepare a legacy/existing project for high-quality AI delivery by orchestrating ensure, intake, baseline, and Write promote_agent_pack Promote/degrade pack lifecycle status (experimental/candidate/recommended/deprecated) using automatic rules ov Write prompt_retrospective Analyze prompt execution outcome, suggest quality improvements, and optionally persist retrospective logs unde Write prompt_token_budget Optimize prompt size against a token budget and prioritize context files to minimize unnecessary token consump Write record_agent_execution_feedback Record agent execution feedback in local JSONL log and update aggregate pack metrics for future ranking and pr Write record_skill_execution_feedback Record structured execution feedback for project skills and update aggregate metrics for future ranking. Write refactor_javascript_code Refactor JavaScript code using modern syntax while preserving readability. Write refresh_project_context_docs Refresh docs/mcp context files incrementally using workspace snapshot diff with deterministic output. Write save_agent_pack Save generated agent artifacts into a reusable pack catalog with strict validation and fingerprinting. Write scaffold_project_agents Scaffold reusable project agent artifacts (blueprint, guide, bootstrap prompt, optional MCP config) with dry-r Write scaffold_project_skills Scaffold and manage project skills catalog with official references, safe preview/apply flow, and growth-ready Write scaffold_ui5_odata_feature Generate a base UI5 OData feature scaffold (view/controller/manifest/i18n) from service metadata with dry-run Write smart_stage_changes Suggest a non-destructive logical staging plan (grouped git add commands) from the current diff. Write sync_manifest_json Synchronize manifest.json models, routes, and targets with idempotent updates and optional dry-run. Write upgrade_project_mcp Upgrade MCP-managed project artifacts to the latest layout version with dry-run, preview, and rollback-safe pa Write write_project_file_preview Preview a safe workspace file write with hashes, line summary, and textual diff preview.
READ 40 tools
Read analyze_current_file Analyze the current file for imports, class structure, and controller methods. Read analyze_git_diff Analyze current Git diff scope and return structured impact summary by file, status, extension, and risk hints Read analyze_legacy_project_baseline Build a technical baseline for legacy projects to guide high-quality AI integration with minimal context waste Read analyze_odata_metadata Analyze OData V2/V4 metadata from XML, file, URL, or service root and return entities, properties, navigation, Read analyze_ui5_performance Analyze UI5 XML/JS files with performance-focused rules and actionable recommendations. Read analyze_ui5_project Analyze SAPUI5 project configuration from ui5.yaml, manifest.json, and package.json. Read audit_git_worktree_state Audit current Git worktree state (staged, unstaged, untracked, conflicts, and branch divergence). Read audit_project_mcp_state Audit MCP project artifacts/layout version and produce a migration plan to the current managed structure. Read branch_hygiene_report Assess branch hygiene (divergence, worktree cleanliness, staleness, and target alignment) before merge/PR. Read conflict_precheck Estimate merge conflict risk between source and target refs using merge-base overlap analysis (non-destructive Read detect_commit_smells Detect commit quality smells (size, mixed concerns, test gaps) and suggest a safer split plan. Read generate_commit_message_from_diff Generate a commit message proposal from Git diff impact (conventional or plain style). Read list_agent_packs List saved reusable agent packs from catalog. Read mcp_health_report Return MCP server/runtime health diagnostics (tool exposure, docs alignment, contract snapshot, and managed ar Read mcp_metrics_dashboard Build an MCP telemetry dashboard to surface high-value tools, failing/slow tools, and prioritized improvement Read merge_readiness_report Aggregate Git quality checks into a single merge-readiness decision (ready, needs_attention, blocked). Read prepare_safe_commit Run a safe pre-commit readiness checklist from Git state/diff without performing commit or push operations. Read prompt_context_selector Select the minimum high-value file context for a prompt using git diff, context-index hints, and keyword relev Read prompt_intake_wizard Run a lightweight interactive intake for task prompts and return missing fields/questions before execution. Read prompt_quality_gate Evaluate prompt quality with deterministic scoring, blockers, and targeted improvement questions. Read prompt_template_catalog Provide reusable prompt templates by task type to standardize quality and reduce prompt drafting effort. Read rank_agent_packs Rank saved agent packs using execution feedback metrics to prioritize recommendations for the current context. Read rank_project_skills Rank project skills using local feedback metrics to prioritize reliable skills in future recommendations. Read read_project_file Read a workspace file safely with project-root sandboxing. Read recommend_project_agents Analyze project signals and recommend agent definitions with materialization-ready arguments. Read release_notes_from_commits Generate release notes from commit history (range or recent tail) using conventional-commit heuristics. Read risk_review_from_diff Review Git diff risk profile and return prioritized findings with mitigation guidance before merge. Read search_mdn Search MDN documentation for JavaScript and web platform references. Read search_project_files Search workspace files by text query with optional extension filtering. Read search_ui5_sdk Search official SAPUI5 SDK metadata and return API/topic summaries with examples. Read security_check_javascript Detect risky JavaScript patterns including eval, command injection, and prototype pollution. Read security_check_ui5_app Scan UI5 XML/JS sources for security risks (XSS, unsafe HTML injection, dynamic code execution, insecure redir Read suggest_tests_from_git_diff Suggest focused tests/checks based on current Git diff impact (UI5, manifest, config, docs, and test coverage Read tool_contract_catalog Inspect runtime MCP tool contracts with per-tool contract versions, hashes, and optional snapshot drift status Read trace_change_ownership Trace likely code ownership for changed files using Git history + blame recency to suggest more accurate revie Read validate_project_agents Validate generated agent blueprint and guardrail artifacts for consistency, tool coverage, and MCP integration Read validate_project_skills Validate project skill catalog integrity, official references, and file layout consistency. Read validate_ui5_code Validate SAPUI5 code for sap.ui.define usage, dependency order, naming, and MVC separation. Read validate_ui5_odata_usage Validate UI5 OData usage across manifest, XML/JS bindings, model APIs, and optional metadata cross-checks. Read validate_ui5_version_compatibility Validate UI5 control/module compatibility against project version and recommend better-fit components (e.g. de

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about MCP SAPUI5 Server

Can an AI agent delete data through the MCP SAPUI5 Server MCP server? +

Yes. The MCP SAPUI5 Server server exposes 1 destructive tools including rollback_project_patch. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through MCP SAPUI5 Server? +

The MCP SAPUI5 Server server has 31 write tools including apply_agent_pack, apply_project_patch, collect_legacy_project_intake. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach MCP SAPUI5 Server.

How many tools does the MCP SAPUI5 Server MCP server expose? +

78 tools across 3 categories: Execute, Read, Write. 40 are read-only. 38 can modify, create, or delete data.

How do I enforce a policy on MCP SAPUI5 Server? +

Register the MCP SAPUI5 Server MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every MCP SAPUI5 Server tool call.

Deterministic rules across all 78 MCP SAPUI5 Server tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

78 MCP SAPUI5 Server tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.