playbooks

home / mcp / apktool mcp server

apktool MCP Server

A MCP Server for APK Tool (Part of Android Reverse Engineering MCP Suites)

Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
  "mcpServers": {
    "zinja-coder-apktool-mcp-server": {
      "command": "uv",
      "args": [
        "-directory",
        "/path/to/apktool-mcp-server",
        "run",
        "apktool_mcp_server.py"
      ],
      "env": {
        "UV_ENV": "YOUR_PLACEHOLDER"
      }
    }
  }
}

You can use apktool-mcp-server to perform live, context-aware reverse engineering of Android APKs by combining apktool decoding with MCP-enabled AI assistance. It exposes AML-like MCP tools that let you decode, inspect, modify, and analyze APK projects while receiving real-time, context-aware feedback from supported LLMs. This accelerates vulnerability discovery, manifest analysis, and reverse engineering tasks in a repeatable, scriptable way.

How to use

You run the local MCP server and connect an MCP client to interact with it. Start a session with your client, choose the project you want to work on, and issue prompts that combine decoding, inspection, and code review. Use the available tools to decode APKs, inspect the AndroidManifest.xml, list and open smali files, inspect resources, and apply changes while getting AI-assisted guidance and diffs in real time.

How to install

Prerequisites: you need Python support for the server script and the uv dependency manager to run the local MCP server. You also need a Java toolchain-compatible apktool installed to decode APKs.

# 0. Install apktool from its official site
# 1. Ensure apktool is in your PATH
# 2. Install uv for dependency management (if you do not have it)
curl -LsSf https://astral.sh/uv/install.sh | sh

# 3. Prepare a Python environment if you want to run the server directly (optional, handled by uv in this setup)
# 4. Clone or download the apktool-mcp-server package
# 5. Change to the server directory and install dependencies
uv venv
source .venv/bin/activate
uv pip install httpx fastmcp

Additional notes and configuration

The server exposes a set of MCP tools you can invoke to operate on APKTool projects. Use these to decode, inspect, modify, and search within a project. The server is designed to work with local MCP clients like Claude Desktop or Cherry Studio, which can bridge your local LLM to the server for interactive prompts.

Available tools

build_apk

Build an APK from a decoded APKTool project, producing an output APK from the current decoded state.

get_manifest

Retrieve the AndroidManifest.xml content from the decoded APKTool project for review and validation.

get_apktool_yml

Obtain apktool.yml information from the decoded project to understand decoding parameters and metadata.

list_smali_directories

List all smali directories present in the decoded project to map code structure.

list_smali_files

List smali files in a specific directory, with optional filtering by package prefix.

get_smali_file

Get the contents of a specific smali file by class name for inspection.

modify_smali_file

Modify the content of a specific smali file to implement changes or inject code.

list_resources

List resources in the project, optionally filtered by resource type.

get_resource_file

Get the contents of a specific resource file.

modify_resource_file

Modify a resource file’s content within the project.

search_in_file

Search for a pattern across files with specified extensions to quickly locate relevant code or data.

clean_project

Clean the project directory to prepare for a fresh rebuild.

decode_apk

Decode an APK file using APKTool, extracting resources and smali code for analysis.