Overview

Code Pathfinder exposes 12 MCP tools to AI assistants — 8 for code intelligence (Python, Java, Go) and 4 for Docker analysis (Dockerfiles, docker-compose).

All tools support pagination via limit and cursor parameters where applicable.

Quick Reference

#ToolCategoryDescription
1get_index_infoCodeCodebase statistics and index health
2find_symbolCodeSearch symbols by name, type, or module
3find_moduleCodeSearch Python modules by name
4list_modulesCodeList all modules in the project
5get_callersCodeReverse call graph — who calls this?
6get_calleesCodeForward call graph — what does this call?
7get_call_detailsCodeDetailed call site between two functions
8resolve_importCodeResolve Python imports to file locations
9find_dockerfile_instructionsDockerSearch Dockerfile instructions
10find_compose_servicesDockerSearch docker-compose services
11get_dockerfile_detailsDockerFull Dockerfile breakdown
12get_docker_dependenciesDockerDocker entity dependency graph

Tool 1: get_index_info

Retrieves project statistics and index metadata. Use this at the start of analysis to understand project scope.

Purpose

  • Get high-level project overview
  • Check if indexing is complete
  • Retrieve build performance metrics
  • Understand codebase scale

Input Parameters

None required.

Response Schema

{
  "project_path": "/absolute/path/to/project",
  "python_version": "3.11",
  "indexed_at": "2026-01-10T10:30:00Z",
  "build_duration_ms": 1234,
  "stats": {
"total_functions": 456,
"total_call_edges": 1203,
"total_modules": 89,
"total_files": 67,
"taint_summaries": 234
  }
}

Example

User Query:

Get project information and stats

AI Response:

Your project at /Users/you/backend has: • 456 functions across 67 files • 89 modules with 1203 call relationships • Indexed 5 minutes ago in 1.2 seconds • Python 3.11 detected

Tool 2: find_symbol

Locates functions, classes, or methods by name with partial matching support.

Purpose

  • Find symbols by name (exact or fuzzy)
  • Discover functions matching a pattern
  • Get symbol metadata (types, decorators, parameters)
  • Navigate to symbol definitions

Input Parameters

ParameterTypeRequiredDescription
namestringYesSymbol name or pattern to search for
limitintegerNoMax results to return (default: 20)
cursorstringNoPagination cursor for next page

Response Schema

{
  "symbols": [
{
  "name": "validate_user",
  "fully_qualified_name": "app.auth.validate_user",
  "type": "function",
  "file_path": "/project/app/auth.py",
  "line_number": 45,
  "metadata": {
    "return_type": "bool",
    "parameters": ["username", "password"],
    "decorators": ["@require_auth"],
    "is_async": false
  }
}
  ],
  "next_cursor": "abc123",
  "total_matches": 5
}

Example Queries

Find all functions named validate_user
Find symbols matching process_*
Locate the User class definition

Example Response

Found 3 matches for "validate_*": 1. validate_user (function) Location: app/auth.py:45 FQN: app.auth.validate_user Parameters: username, password Returns: bool 2. validate_email (function) Location: app/utils.py:123 FQN: app.utils.validate_email 3. validate_token (function) Location: app/auth.py:89 FQN: app.auth.validate_token

Tool 3: get_callers

Identifies all functions that invoke a target function (reverse call graph analysis). Answers "Who uses this function?"

Purpose

  • Find all callers of a function
  • Understand function usage
  • Identify impact of changes
  • Trace backwards in call graph

Input Parameters

ParameterTypeRequiredDescription
function_fqnstringYesFully qualified name of target function
limitintegerNoMax results to return (default: 20)
cursorstringNoPagination cursor for next page

Response Schema

{
  "target_function": "app.auth.validate_user",
  "callers": [
{
  "caller_fqn": "app.api.login_endpoint",
  "caller_file": "/project/app/api.py",
  "caller_line": 78,
  "call_sites": [
    {
      "file": "/project/app/api.py",
      "line": 82,
      "column": 12
    }
  ]
}
  ],
  "next_cursor": "xyz789",
  "total_callers": 12
}

Example Queries

What functions call validate_user?
Show me all callers of process_payment
Who uses the deprecated authenticate function?

Example Response

Found 12 functions that call app.auth.validate_user: 1. app.api.login_endpoint (app/api.py:82) 2. app.api.register_endpoint (app/api.py:145) 3. app.middleware.auth_middleware (app/middleware.py:34) 4. app.cli.login_command (app/cli.py:67) ... and 8 more (use pagination to see all)

Tool 4: get_callees

Lists all functions invoked by a given function (forward call graph). Answers "What does this function depend on?"

Purpose

  • Find function dependencies
  • Understand what a function calls
  • Trace forward in call graph
  • Analyze function complexity

Input Parameters

ParameterTypeRequiredDescription
function_fqnstringYesFully qualified name of source function
limitintegerNoMax results to return (default: 20)
cursorstringNoPagination cursor for next page

Response Schema

{
  "source_function": "app.api.login_endpoint",
  "callees": [
{
  "callee_fqn": "app.auth.validate_user",
  "callee_file": "/project/app/auth.py",
  "callee_line": 45,
  "resolution_status": "resolved",
  "call_site": {
    "file": "/project/app/api.py",
    "line": 82,
    "column": 12
  },
  "type_inference": {
    "confidence": "high",
    "method": "static_analysis"
  }
}
  ],
  "unresolved_calls": [
{
  "name": "external_api_call",
  "reason": "Dynamic import or external library"
}
  ],
  "next_cursor": "def456",
  "total_callees": 8
}

Example Queries

What functions does login_endpoint call?
Show dependencies of process_payment
What does the authenticate function depend on?

Example Response

app.api.login_endpoint calls 8 functions: Resolved (6): 1. app.auth.validate_user (app/auth.py:45) 2. app.db.get_user_by_email (app/db.py:123) 3. app.auth.generate_token (app/auth.py:89) 4. app.utils.log_event (app/utils.py:34) 5. app.db.update_last_login (app/db.py:156) 6. app.api.send_response (app/api.py:23) Unresolved (2): - redis.set (external library) - some_dynamic_function (dynamic resolution)

Tool 5: get_call_details

Provides granular information about a specific call between two functions.

Purpose

  • Get precise call site locations
  • Analyze call arguments
  • Understand type resolution
  • Debug specific call relationships

Input Parameters

ParameterTypeRequiredDescription
caller_fqnstringYesFully qualified name of caller function
callee_fqnstringYesFully qualified name of callee function

Response Schema

{
  "caller": "app.api.login_endpoint",
  "callee": "app.auth.validate_user",
  "call_details": {
"file": "/project/app/api.py",
"line": 82,
"column": 12,
"arguments": [
  { "name": "username", "value": "request.form['username']" },
  { "name": "password", "value": "request.form['password']" }
],
"resolution": {
  "status": "resolved",
  "confidence": "high",
  "method": "static_type_inference"
},
"context": {
  "in_try_block": true,
  "in_loop": false,
  "is_conditional": false
}
  }
}

Example Queries

Show me details of the call from login_endpoint to validate_user
Get call site information between process_payment and charge_card

Example Response

Call from app.api.login_endpoint to app.auth.validate_user: Location: app/api.py:82:12 Arguments: - username: request.form['username'] - password: request.form['password'] Resolution: High confidence (static type inference) Context: Inside try-except block

Tool 6: resolve_import

Maps Python import paths to actual file locations.

Purpose

  • Resolve import statements
  • Find module file paths
  • Handle ambiguous imports
  • Navigate import chains

Input Parameters

ParameterTypeRequiredDescription
import_pathstringYesImport path to resolve (e.g., "app.auth")

Response Schema

{
  "import_path": "app.auth",
  "matches": [
{
  "file_path": "/project/app/auth.py",
  "module_fqn": "app.auth",
  "match_type": "exact"
}
  ],
  "match_status": "exact" | "partial" | "ambiguous" | "not_found",
  "suggestions": [
"app.authentication",
"app.auth_utils"
  ]
}

Example Queries

Where is the import "app.auth" located?
Resolve the import path for utils.validators
Find the file for django.contrib.auth import

Example Response

Import "app.auth" resolves to: File: /project/app/auth.py Module: app.auth Match: Exact No ambiguity found.

Tool 7: find_module

Search for Python modules by name. Returns module information including file path and function counts.

Purpose

  • Find module file locations
  • Understand module structure and size
  • Navigate between modules
  • Discover modules by partial name

Input Parameters

ParameterTypeRequiredDescription
namestringYesModule name — FQN (myapp.auth) or short name (auth)

Example Queries

Find the auth module
Where is the models.user module?

Example Response

Found 2 modules matching "auth": 1. myapp.auth File: /project/myapp/auth.py Functions: 12 2. myapp.api.auth File: /project/myapp/api/auth.py Functions: 8

Tool 8: list_modules

List all modules in the indexed project with their file paths and function counts.

Purpose

  • Get a complete overview of project modules
  • Understand project structure
  • Find the largest/most complex modules

Input Parameters

None required.

Example Queries

List all modules in the project
Show me the project structure

Tool 9: find_dockerfile_instructions

Search Dockerfile instructions with semantic filtering. Supports instruction-specific filters for FROM, RUN, USER, EXPOSE, COPY, ADD, and more.

Purpose

  • Find unpinned base images (has_digest: false)
  • Locate specific instruction types
  • Audit exposed ports
  • Check USER directives for non-root enforcement

Input Parameters

ParameterTypeRequiredDescription
instruction_typestringNoFilter by type: FROM, RUN, USER, EXPOSE, COPY, ADD, WORKDIR, etc.
file_pathstringNoFilter by Dockerfile path (partial matching)
base_imagestringNoFilter FROM instructions by base image name (e.g., python, alpine)
portintegerNoFilter EXPOSE instructions by port number
has_digestbooleanNoFilter FROM instructions by digest pinning (true = pinned, false = unpinned)
userstringNoFilter USER instructions by username
limitintegerNoMax results (default: 100)

Example Queries

Find all Dockerfiles with unpinned base images
Show me all EXPOSE instructions on port 8080
Which Dockerfiles use the python base image?

Example Response

Found 3 unpinned FROM instructions: 1. Dockerfile:1 — FROM python:3.11-slim (no digest) 2. services/api/Dockerfile:1 — FROM node:18-alpine (no digest) 3. services/worker/Dockerfile:1 — FROM golang:1.21 (no digest)

Tool 10: find_compose_services

Search docker-compose services with configuration filters. Find services by name, privileged mode, volumes, or exposed ports.

Purpose

  • Find privileged containers (security risk)
  • Locate services exposing specific ports
  • Find services mounting sensitive volumes (e.g., Docker socket)
  • Audit service configurations

Input Parameters

ParameterTypeRequiredDescription
service_namestringNoFilter by service name (partial matching)
file_pathstringNoFilter by docker-compose.yml path
has_privilegedbooleanNoFilter by privileged mode (true = privileged only)
exposes_portintegerNoFilter services exposing a specific port
has_volumestringNoFilter services with a specific volume path
limitintegerNoMax results (default: 100)

Example Queries

Find all privileged containers in docker-compose
Which services mount the Docker socket?
Show services exposing port 443

Example Response

Found 1 privileged service: 1. web (docker-compose.yml:5) Image: nginx:latest Privileged: true Network mode: host Volumes: /var/run/docker.sock:/var/run/docker.sock Capabilities: SYS_ADMIN, NET_ADMIN

Tool 11: get_dockerfile_details

Get a complete breakdown of a single Dockerfile with all instructions and multi-stage build analysis.

Purpose

  • Understand full Dockerfile structure
  • Analyze multi-stage build dependencies
  • Check for security best practices (USER, HEALTHCHECK)
  • Identify unpinned images

Input Parameters

ParameterTypeRequiredDescription
file_pathstringYesPath to the Dockerfile

Example Queries

Show me the full breakdown of the API Dockerfile
Analyze the multi-stage build in services/app/Dockerfile

Example Response

Dockerfile: services/api/Dockerfile Total instructions: 15 Multi-stage: Yes (2 stages: builder, runtime) Summary: ✓ Has USER instruction (appuser) ✗ Missing HEALTHCHECK ⚠ 1 unpinned base image Stages: 1. builder (golang:1.21-alpine) 2. runtime (alpine:3.19)

Tool 12: get_docker_dependencies

Retrieve dependency information for Docker entities — compose services (depends_on) or Dockerfile stages (COPY --from). Traverses upstream and downstream dependency chains.

Purpose

  • Map service dependencies in docker-compose
  • Analyze multi-stage Dockerfile build order
  • Understand deployment topology
  • Trace dependency chains

Input Parameters

ParameterTypeRequiredDescription
typestringYesEntity type: compose or dockerfile
namestringYesEntity name: service name or stage name
file_pathstringNoFilter to specific file path
directionstringNoupstream (dependencies), downstream (dependents), or both (default)
max_depthintegerNoMaximum traversal depth (default: 10)

Example Queries

Show me all dependencies for the web service
What depends on the database service?
Show the build dependency chain for the Dockerfile builder stage

Example Response

Service: web (docker-compose.yml:12) Direction: both Upstream (web depends on): → api (docker-compose.yml:5) → redis (docker-compose.yml:20) Downstream (depends on web): → nginx (docker-compose.yml:30) Chain: redis → api → web → nginx

Pagination

Most tools support pagination for large result sets:

{
  "limit": 20,
  "cursor": "next_page_token_here"
}

To get the next page, use the next_cursor from the previous response:

Get callers of validate_user (next page with cursor abc123)

Error Handling

All tools return structured errors:

{
  "error": {
"code": "SYMBOL_NOT_FOUND",
"message": "Symbol 'invalid_function' not found in index",
"details": {
  "searched_name": "invalid_function",
  "suggestions": ["validate_function", "valid_function"]
}
  }
}

Common error codes:

  • SYMBOL_NOT_FOUND - Symbol doesn't exist
  • INVALID_FQN - Malformed fully qualified name
  • INDEX_NOT_READY - Project not yet indexed
  • PAGINATION_ERROR - Invalid cursor

Best Practices

  1. Start with get_index_info to verify the server is ready
  2. Use find_symbol for fuzzy matching before get_callers/callees
  3. Paginate large results instead of requesting everything at once
  4. Cache results when possible to reduce server load
  5. Use fully qualified names (FQN) for precise targeting