Qartez MCP - codebase intelligence for AI agents
Rust MCP server that pre-indexes a codebase with PageRank, blast-radius, git co-change, and complexity signals. Agents query the graph instead of grepping files.
Most code-intelligence tools for agents are wrappers around grep. Qartez takes the opposite approach - it pre-computes a knowledge graph of your repo and hands the agent structured queries against that graph, so the agent stops re-reading the same files to figure out who calls what.
The pitch in the README is roughly a 94% reduction in tokens spent on code exploration versus naive file scans. That number is going to vary wildly by codebase, but the qualitative shift is real: PageRank and blast-radius signals let an agent ask "what's the most central thing in this module?" without opening a single file.
What it actually computes
The index is a single SQLite database at .qartez/index.db. Per file and per symbol, it stores:
- PageRank importance - symbols weighted by how many other symbols depend on them
- Blast radius - transitive count of symbols affected by a change
- Git co-change - which files historically move together (default: 300 commits of history, configurable via
--git-depth) - Cyclomatic complexity - per-function, for the 21 imperative languages it parses for hotspots
Tree-sitter parses 37 languages including TypeScript, Rust, Go, Python, Java, Kotlin, Swift, C/C++, Ruby, PHP, Elixir, Zig, plus config-shaped things like Terraform/HCL, Dockerfile, Helm, and systemd units. A file watcher keeps the index live by default; pass --no-watch to disable.
The modification guard is the part to pay attention to
Qartez ships three binaries: the MCP server, a setup wizard, and qartez-guard. The guard is the bit nobody talks about and it is the most opinionated thing in the project.
When an agent attempts an Edit, Write, or MultiEdit on a file whose PageRank exceeds 0.05 or whose blast radius is >= 10, the edit is blocked. The only way through is for the agent to first call qartez_impact file_path=<path>, which surfaces what would break. That call grants a 10-minute edit window for that specific file, after which the gate closes again.
You can tune or kill it via env vars:
QARTEZ_GUARD_PAGERANK_MIN=0.05 # raise to be less strict
QARTEZ_GUARD_BLAST_MIN=10
QARTEZ_GUARD_ACK_TTL_SECS=600 # the 10-minute window
QARTEZ_GUARD_DISABLE=1 # off
This is the most useful piece for anyone running agents unattended. The default thresholds force a "look before you leap" check on the load-bearing files - the ones you actually care about - while leaving everything else untouched.
Quick start
One-liner install (macOS, Linux, Windows via WSL):
curl -sSfL https://qartez.dev/install | sh
Or via Cargo:
cargo install qartez-mcp
qartez-setup
The setup wizard auto-detects 19 supported clients in one pass - Claude Code, Claude Desktop, Cursor, Windsurf, Zed, Continue.dev, and the rest. To target a subset:
qartez-setup --ide cursor,zed,claude
If you'd rather wire it up by hand, the Claude Desktop config looks like:
{
"mcpServers": {
"qartez": {
"command": "/absolute/path/to/qartez",
"args": []
}
}
}
When to reach for it
- You're running long-horizon agents that re-explore the same repo on every session.
- You have a few load-bearing modules that get edited too casually - the guard pays for itself the first time it blocks a sloppy edit.
- You want git co-change signals (which files move together) without paying the cost of running
git logqueries on every turn.
When not to
- Tiny repos. The guard and the index are both overkill if the agent can hold the whole codebase in its head.
- Languages outside the 37-language list. Tree-sitter coverage is broad but not universal - niche DSLs fall back to nothing.
- Workflows where you specifically want the agent to read source files (e.g. learning the codebase, doing a security review). The graph is a supplement, not a replacement.
Trade-offs and rough edges
Semantic search (the qartez_semantic tool) is gated behind an optional Cargo feature and pulls a ~270 MB model on first use. If you don't need vector search, skip it - most of the value is in the structural signals.
Re-indexing on a large monorepo isn't free. The watcher amortises this for you, but the first index build on a fresh clone is the kind of thing you kick off and walk away from.
There's no cloud component. Everything is local: SQLite for state, tree-sitter for parsing, no API key required. That's a feature, not an oversight.
Featured in
Claude Code tools, plugins, and integrations
The best tools, MCP servers, and harnesses for getting more out of Claude Code - orchestration, observability, telemetry, and remote control.
MCP servers and Model Context Protocol tools
Production MCP servers, gateways, frameworks, and clients - everything in this directory that speaks the Model Context Protocol.
Related entries
trace-mcp - framework-aware codebase MCP for coding agents
MCP server with 138 tools and cross-language framework awareness (58 integrations across 81 languages). Indexes Laravel/Inertia/Vue, Rails/Hotwire, Django/HTMX edges so agents skip re-deriving call graphs. Decision memory links architectural choices to the code they're about. Local-first ONNX embeddings, optional LSP enrichment.
VTCode - Rust TUI coding agent with multi-provider support
Ratatui-based coding agent with Anthropic, OpenAI, Gemini, and Codex providers, plus local LM Studio/Ollama. Uses ast-grep for structured code search and supports MCP and Agent Client Protocol.
Graph-Hub - codebase as queryable knowledge graph
Local-first code intelligence layer that turns a codebase into a Kuzu-backed knowledge graph for Claude Code, Cursor, and other MCP clients. Reports up to 85% token savings vs grep-style retrieval.
lean-ctx - MCP context optimizer for AI coding agents
Rust MCP server plus shell hook that compresses context for Cursor, Claude Code, Copilot, Windsurf, Gemini CLI and 24 other tools. Single binary, zero telemetry.