// MCP TOOL REFERENCE

decompile_mod_jar

ServerMinecraft Dev MCP
CategoryExecute

WHAT IT DOES

What decompile_mod_jar does on Minecraft Dev MCP

AI agents invoke decompile_mod_jar to trigger actions in Minecraft Dev MCP. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.

THE RISK

High Risk

Why decompile_mod_jar needs a policy

This tool executes a decompilation process on an arbitrary JAR file path provided by the user, running external decompiler tooling and writing output to the filesystem. It spans Execute (running a decompiler process) and Write (caching results to disk). Per the rules, Execute is more severe than Write, and the tool triggers an external operation whose effects depend on the input JAR path argument.

From the tool's definition Decompile a mod JAR file to readable Java source code... Decompiled sources are cached in AppData/decompiled-mods/...

Documented attack patterns abuse exactly the kind of access decompile_mod_jar gives an agent:

POLICY

How to control decompile_mod_jar

PolicyLayer is an MCP gateway — it sits between your AI agents and Minecraft Dev MCP, and nothing reaches the server without passing your rules. This is the rule we recommend for decompile_mod_jar:

policy.json

{
  "version": "1",
  "default": "deny",
  "tools": {
    "decompile_mod_jar": {
      "limits": [
        {
          "counter": "decompile_mod_jar_rate",
          "window": "minute",
          "max": 10,
          "scope": "grant"
        }
      ]
    }
  }
}

decompile_mod_jar stays usable, but rate-capped — a runaway agent can't fire it dozens of times a minute. Everything else on the server is denied unless you say otherwise.

Create a free account and register Minecraft Dev MCP — nothing to install.
Add this policy — paste it, or build it visually.
Point your MCP client (Claude, Cursor, anything) at your gateway URL.

RATE-LIMIT THIS TOOL →

Free to start. No card required.

EXPLORE

Related tools and policies

More Minecraft Dev MCP tools

Execute decompile_minecraft_version Decompile an entire Minecraft version. By default downloads the client JAR from Mojang, re Execute remap_mod_jar Remap a Fabric mod JAR from intermediary mappings to human-readable mappings. Useful for r Write index_minecraft_version Create a full-text search index for decompiled Minecraft source. Enables fast searching wi Write index_mod Create a full-text search index for decompiled mod source code. Enables fast searching wit Read analyze_mixin Analyze and validate Mixin code against Minecraft source. Parses @Mixin annotations, valid Read analyze_mod_jar Analyze a third-party mod JAR file to extract metadata, dependencies, entry points, mixins Read compare_versions Compare two Minecraft versions to find differences in classes or registry data. Useful for Read compare_versions_detailed Compare two Minecraft versions with detailed AST-level analysis. Shows method signature ch

All 20 Minecraft Dev MCP tools →

Execute tools on other servers

Android Forensics ADB MCP Server adb_shell_command EMBA-MCP run_emba_scan Frida Game Hacking MCP remove_breakpoint Procmon request_elevation

Go deeper

High-risk tools in Minecraft Dev MCP → Every high-risk tool this server exposes, in one view.
All high-risk MCP tools → Every high-risk tool across the catalogue, and the policy pattern that contains them.
The MCP Attack Database → Documented attack patterns against MCP deployments — and the policies that stop them.
Agent sandbox → Bounding what an agent can execute and where the boundary should sit.
Least privilege for MCP → Granting agents the minimum tool surface the task needs.
Rate Limiting MCP Tool Calls: A Practical Guide →
MCP Security: Why Prompt Guardrails Aren't Enough →

FAQ

Questions about decompile_mod_jar

What does the decompile_mod_jar tool do? +

Decompile a mod JAR file to readable Java source code. The JAR can be either the original mod JAR (with intermediary mappings) or a remapped JAR (from remap_mod_jar). Decompiled sources are cached in AppData/decompiled-mods/{modId}/{modVersion}/{mapping}/. Mod ID and version are auto-detected from the JAR metadata if not provided. Supports both WSL (/mnt/c/...) and Windows (C:\\...) paths. It is categorised as a Execute tool in the Minecraft Dev MCP MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on decompile_mod_jar? +

Register the Minecraft Dev MCP server in PolicyLayer and add a rule for decompile_mod_jar: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Minecraft Dev MCP. Nothing to install.

What risk level is decompile_mod_jar? +

decompile_mod_jar is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit decompile_mod_jar? +

Yes. Add a rate_limit block to the decompile_mod_jar rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block decompile_mod_jar completely? +

Set action: deny in the PolicyLayer policy for decompile_mod_jar. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides decompile_mod_jar? +

decompile_mod_jar is provided by the Minecraft Dev MCP server (mcdxai/minecraft-dev-mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

Enforce policy on every Minecraft Dev MCP tool call.

Start from Minecraft Dev MCP, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

20 Minecraft Dev MCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.