⚡ Zeus RPG PromptKit – Evidence-First Analysis for IBM i, RPG, and Long-Lived Legacy Systems

Concept image: Zeus RPG PromptKit
Zeus RPG PromptKit collects, normalizes, and analyzes RPG, CL, and DDS source code, enriches it with Db2 context where needed, and turns it into traceable artifacts for development, architecture, QA, modernization, and controlled AI-assisted workflows.
Legacy code is rarely just “old code.” Long-lived IBM i systems often contain decades of accumulated business knowledge: rules, exceptions, interfaces, data flows, and operational processes that keep the business running every day—even when they are no longer fully documented.
The real challenge is therefore rarely understanding one RPG program in isolation. What matters is the surrounding system: Which programs call one another? Which files, fields, and tables are involved? Which Db2 structures, triggers, or dynamic SQL paths affect the outcome? And what might break when a seemingly minor change is introduced?
That is where Zeus RPG PromptKit comes in. The open-source project acts as an evidence preparation layer between long-lived IBM i logic and the developers, reviewers, architects, or AI assistants expected to understand and evolve it.
Build reliable evidence before involving AI—and keep evaluation, decisions, and approval in human hands.
Important: Zeus is not an autonomous business-code generator, nor is it a substitute for RPG expertise, domain knowledge, peer review, or testing. It produces context, evidence, and reviewable artifacts. People remain responsible for interpretation, changes, validation, and approval.
Project status: Zeus RPG PromptKit is under active development. The primary supported path is CLI- and MCP-first. The local browser interface provided by zeus serve remains an optional, experimental viewer for artifacts that have already been generated. CLI contracts, workflows, output formats, and experimental integrations may evolve between releases.
Current source code and documentation: github.com/gzeuner/zeus-rpg-promptkit
🔎 Contents
- 🧩 Why IBM i analysis needs more than a single source member
- ⚙️ What an evidence preparation layer actually does
- 🔄 From source code to a reviewable analysis model
- ✨ What Zeus already covers today
- 📊 Reports, graphs, and canonical analysis artifacts
- 🔍 Investigation, impact, and review workflows
- 🛠️ CLI-first and reproducible by design
- 🤖 Local MCP integration for controlled AI agents
- 🧩 Extensible API and VS Code integration
- 🔐 Safety levels, Secret Vault, and safer sharing
- ⚡ Local quickstart
- 👥 Who Zeus RPG PromptKit is for
- 🧭 What the toolkit deliberately does not replace
- 🌍 Open source, transparency, and trademark notice
- 💡 Conclusion: understand legacy before changing it
- 📚 Sources and further reading
🧩 Why IBM i Analysis Needs More Than a Single Source Member
AI demonstrations for software engineering can be genuinely impressive: explain a program, generate documentation, propose tests, or outline a modernization path. Those capabilities can be valuable in IBM i environments as well.
In a real production landscape, however, a single RPG source member is rarely enough. An application is typically a network of connected elements:
- RPG, CL, and DDS sources
- programs, procedures, service programs, and call structures
- source members spread across multiple libraries
- physical and logical files
- Db2 tables, views, aliases, keys, and triggers
- field usage and data flows
- dynamic SQL and external interfaces
- special-case logic accumulated over many years
Without that wider context, plausible explanations can quickly turn into unreliable conclusions. An AI assistant may describe what a program appears to do in polished, confident language while still missing an indirect dependency, a trigger, or a reference resolved only at runtime.
Zeus RPG PromptKit prepares that context while keeping resolved relationships, open questions, and the underlying evidence visible.
⚙️ What an Evidence Preparation Layer Actually Does
Zeus is not positioned as a magical modernization engine. It is a technical layer that collects evidence from source code and metadata, normalizes it, and turns it into a structured model that people can inspect and challenge.
The goal is not to hide uncertainty. Quite the opposite: confidently resolved relationships should remain distinguishable from incomplete, ambiguous, or unresolved references.
That helps teams answer questions such as:
- Which programs, procedures, files, and tables are connected?
- Where is a particular field read, changed, or passed downstream?
- What could be affected by a planned change?
- Which references have been resolved confidently, and which remain uncertain?
- Which Db2 metadata is still missing from the analysis?
- Which parts of the resulting context can be shared with an AI client in a controlled way?
Zeus is vendor-neutral when it comes to AI. Its artifacts can be used with ChatGPT, GitHub Copilot, Claude, local models, or no AI at all. They are equally useful in architecture reviews, tickets, documentation, QA processes, and onboarding.
🔄 From Source Code to a Reviewable Analysis Model
The standard workflow is intentionally explicit and easy to audit:
| Step | What happens? | Outcome |
|---|---|---|
| 1. Validate | doctor checks the runtime, profiles, Java, credentials, and connection settings. |
Transparent runtime configuration |
| 2. Collect | Zeus uses local sources or retrieves source members and IFS content from IBM i through read-oriented workflows. | A normalized local source set |
| 3. Analyze | RPG, CL, and DDS are scanned for calls, files, fields, entities, and references. | A canonical evidence model |
| 4. Enrich | Optional Db2 metadata adds tables, columns, keys, views, aliases, triggers, and related context. | Deeper database and runtime context |
| 5. Review | People inspect reports, graphs, JSON artifacts, and unresolved references. | A technical foundation suitable for review |
| 6. Investigate | Impact analysis, risk assessment, test planning, targeted investigation, or AI assistance builds on the artifacts. | Traceable planning instead of guesswork |
This process is deliberately less dramatic than a “modernize everything with one click” promise. For business-critical systems, that restraint is a feature rather than a limitation.
✨ What Zeus Already Covers Today
The project has expanded considerably since the first version of this article. What began with a focus on analysis and AI-ready prompts is evolving into an extensible, safety-first analysis platform.
| Area | Capability |
|---|---|
| Source collection | Read source members and IFS content through SFTP, JT400, or FTP and store them locally |
| Static analysis | Scan RPG, CL, and DDS sources, detect entities, and extract references |
| Dependencies | Expose program calls, file and table usage, fields, cross-references, and reverse-impact relationships |
| Db2 context | Read tables, columns, keys, triggers, views, aliases, and other metadata without modifying the system |
| Evidence artifacts | Generate Markdown reports, JSON models, Mermaid graphs, manifests, and task-specific AI prompts |
| Investigation | Search existing analysis results and deepen an investigation step by step |
| Review and planning | Prepare impact reports, risk assessments, test scenarios, QA output, checklists, and review bundles |
| AI integration | Expose selected local MCP tools, curated resources, and prompt contracts under explicit controls |
| Extensibility | Register custom analyzers, analysis stages, plugins, and MCP tools through a programmatic API |
| Editor integration | Use an experimental VS Code extension with local analysis and optional Code for IBM i integration |
Not every area has the same maturity level. MCP, the local viewer, PUI-related functionality, and the VS Code integration should still be treated as experimental. The generated tool catalog in the repository remains the authoritative reference for current commands, options, scopes, and safety levels.
📊 Reports, Graphs, and Canonical Analysis Artifacts
An analysis run does not produce one opaque block of generated prose. It produces a set of connected, inspectable files.
| File | Purpose |
|---|---|
report.md |
Concise program summary |
architecture-report.md |
Structure, call relationships, and dependencies |
canonical-analysis.json |
Complete entity and evidence model for the analysis run |
ai-knowledge.json |
Token-optimized AI context for that specific run |
ai_prompt_*.md |
Ready-to-use, task-specific prompt artifacts |
dependency-graph.mmd |
Mermaid dependency graph |
analyze-run-manifest.json |
Run metadata and an inventory of generated artifacts |
An important distinction: ai-knowledge.json is not a permanent, reusable knowledge base. It is a projection of one analysis run and may contain project-specific or sensitive information.
For future project-neutral knowledge assets, Zeus maintains a separate knowledge pipeline with explicit areas for raw evidence, sanitized candidates, final catalog contracts, and fail-closed privacy gates. Project data derived from source code does not automatically become reusable toolkit knowledge.
🔍 Investigation, Impact, and Review Workflows
Analysis rarely ends with one report. Reading the first results usually raises better questions: Where does a value originate? Which error paths exist? Which programs use a field indirectly? Which tables might be affected by a proposed change?
Zeus now provides dedicated search, investigation, and review paths. Relevant commands include:
investigate– deepen an existing analysis around a specific goalsearch-source– search local source trees for concrete patternsfield-search– inspect field and table usage locally or remotelytraceandxref– follow relationships and referencesimpact– generate reverse-impact analysis by program, field, or targetassess-risk– summarize technical risk in a structured formgenerate-test– prepare test scenarios and test plansgenerate-checklist– create change and deployment checklistsqa– render QA findings as Markdown, JSON, or Jira-oriented outputbundle– package selected artifacts for review or safer sharing
Workflow presets are also available for common tasks such as onboarding, architecture reviews, security reviews, modernization assessment, dependency risk, refactoring, and test generation.
Example: moving from analysis to focused investigation
node cli/zeus.js analyze \
--source ./rpg_sources \
--program ORDERPGM \
--out ./output \
--optimize-context \
--dense full
node cli/zeus.js investigate \
--program ORDERPGM \
--profile dev \
--goal "Review error paths and potential side effects"
node cli/zeus.js impact \
--field RECORD_ID \
--program ORDERPGM \
--source ./rpg_sources \
--out ./output
🛠️ CLI-First and Reproducible by Design
Zeus RPG PromptKit remains deliberately CLI-first. The command line is not a fallback interface; it is the primary supported path for reproducible analysis and context-building workflows.
That brings several practical advantages:
- Commands can be documented and repeated.
- Profiles and environments remain traceable.
- Outputs can be versioned, compared, and integrated into CI pipelines.
- Reviewers can see which step created which artifact.
- AI clients interact with defined tools and files instead of an invisible black box.
Useful options for larger programs and stable runs include:
| Option | Purpose |
|---|---|
--dense lite|full|ultra |
Rank-aware reduction and compaction for reports and prompts |
--prompt-max-tokens |
Set a token budget for generated prompt artifacts |
--skip-db2-metadata |
Run analysis without Db2 enrichment |
--with-known-facts |
Explicitly include local, profile-scoped known facts |
--safe-sharing |
Reduce sensitive content before external sharing |
--reproducible |
Generate stable output for CI, tests, and comparisons |
--json |
Use machine-readable command output |
The local browser interface started through serve can make reports and graphs easier to review. It does not replace explicit shell environment loading or the CLI and MCP commands used for analysis, source collection, Db2 access, and remote validation.
🤖 Local MCP Integration for Controlled AI Agents
A major step in the project’s development is its local MCP integration. Through MCP, Zeus can expose selected tools and resources to compatible AI clients.
The design goal is explicitly not: “Let the agent do everything.”
Instead, the emphasis is on boundaries and traceability:
- local
stdiotransport rather than an openly reachable remote service - a safe, read-oriented default surface
- an explicit tool allowlist for each task
- masking of common secrets in responses and errors
- an append-only audit trail under
.local/mcp/audit/ - timeouts and response-size limits
- workspace boundaries, including checks for absolute paths
- write operations blocked by default
Start the local MCP server
node cli/zeus.js mcp serve --stdio true --verbose
For real-world workflows, use --allow-tools to expose only the tools required for the task at hand.
SQL write operations are handled particularly strictly. Planning and execution are separate. An apply path requires several explicit approvals, compatible profile rules, and a confirmation token. Production profiles remain blocked for such paths.
That distinction matters. The objective is not maximum autonomy, but controlled assistance with visible, enforceable boundaries.
🧩 Extensible API and VS Code Integration
In addition to the CLI, the package exports a programmatic API that can be used to register custom analyzers, analysis stages, plugins, and MCP tools.
const { zeus } = require('zeus-rpg-promptkit/api');
zeus.analyzers.registerAnalyzer('my-analyzer', {
run(context) {
return { customEvidence: true };
}
});
zeus.registerPlugin(myPlugin);
This moves Zeus beyond a fixed command-line utility and toward an extensible analysis and context engine.
An experimental editor integration is also taking shape under vscode-extension/. Its intended capabilities include:
- analyzing the currently open RPG program or source member,
- displaying local analyses and reports inside the editor,
- using the same Zeus API as the CLI and MCP integration,
- working alongside Code for IBM i,
- and remaining useful through a local fallback when no IBM i connection is active.
The extension is still a foundation under development and is not yet the project’s primary delivery path. Strategically, however, it matters: it brings the analysis engine closer to the everyday workspace of IBM i developers.
🔐 Safety Levels, Secret Vault, and Safer Sharing
Zeus distinguishes between local reads, local artifact generation, remote access, and controlled write paths.
| Level | Meaning | Typical action |
|---|---|---|
S0 |
Local read-only | Read files, validate configuration, inspect artifacts |
S1 |
Local write | Generate reports, bundles, prompts, and analysis artifacts |
S2 |
Remote read-only | Read IBM i or Db2 without changing data or objects |
S3 |
Controlled write | Execute DML only with explicit approval and guardrails |
S4 |
Operator-gated high risk | Bridge-, apply-, or compile-style actions; never implicit |
The main guardrails are straightforward:
- Read-only is the default for both local and remote analysis workflows.
- Risky actions must be visible, justified, and explicitly approved.
- Changes should be prepared locally first as a plan, diff, or artifact wherever possible.
- Production profiles remain blocked for write paths that have not been explicitly enabled.
- Local output, audit files, and bundles may contain sensitive business logic.
- Use
--safe-sharingwhen preparing material for external review.
Secret Vault instead of plaintext passwords
Credentials do not belong in commits or shared profiles. Zeus supports encrypted values in the enc:v1:... format and resolves them during runtime configuration.
# Create a local key
node cli/zeus.js secret init-key
# Prefer stdin to avoid storing the password in shell history
printf '%s' 'MySecretPassword' | node cli/zeus.js secret encrypt
# Check key status and secret hygiene
node cli/zeus.js secret status
node cli/zeus.js secret check
node cli/zeus.js doctor --profile dev --strict
On Windows, the local key can also be protected through DPAPI.
⚡ Local Quickstart
You do not need access to an IBM i system to get a first impression. The repository includes a synthetic mini-system with reproducible demo artifacts.
Requirements
- Node.js 20 or newer
- Java 11 or newer for JT400- and Db2-related functions
- optional: IBM i access for source collection, discovery, or Db2 workflows
Install and run the demo
git clone https://github.com/gzeuner/zeus-rpg-promptkit.git
cd zeus-rpg-promptkit
npm install
npm run demo:run
Typical demo output:
examples/demo-rpg-mini-system/output-baseline/report.md
examples/demo-rpg-mini-system/output-baseline/architecture-report.md
examples/demo-rpg-mini-system/output-baseline/ai-knowledge.json
examples/demo-rpg-mini-system/output-baseline/dependency-graph.mmd
Optionally, start the local viewer:
node cli/zeus.js serve \
--source-output-root ./examples/demo-rpg-mini-system/output-baseline
The local interface will then be available at http://127.0.0.1:4782.
Analyze your own local sources
node cli/zeus.js analyze \
--source ./rpg_sources \
--program ORDERPGM \
--out ./output \
--optimize-context \
--dense full
For a new IBM i environment, the documented onboarding sequence is:
- create a local profile,
- load the environment variables,
- run
doctor --probe --show-resolved, - inspect the environment in read-only mode with
discover-environment, - verify objects with
resolve-object, - collect the required sources and analyze them locally.
👥 Who Zeus RPG PromptKit Is For
The toolkit is aimed at people and teams that need to understand, document, review, or modernize long-lived IBM i environments in a controlled way.
Typical users include:
- IBM i and RPG developers
- software and solution architects
- modernization and migration teams
- QA and testing teams
- consultants and technical project leads
- onboarding and documentation teams
- teams using AI-assisted analysis or review workflows
Zeus is particularly valuable when a system runs reliably but knowledge about it is scattered across people, source members, libraries, and historical documents.
Many legacy systems do not suffer primarily because they are old. They suffer because their relationships, assumptions, and side effects are difficult to see.
🧭 What the Toolkit Deliberately Does Not Replace
Zeus RPG PromptKit does not replace domain expertise or responsible engineering.
The project does not:
- autonomously write business code to IBM i,
- perform unreviewed production changes,
- guarantee a complete analysis when the available sources are incomplete,
- turn an AI-generated answer into a reliable decision by default,
- replace testing, peer review, approval, deployment, or operational processes,
- act as an official IBM product or claim any affiliation with IBM.
Even an excellent dependency graph remains a model of the evidence available to the tool. Dynamic calls, generated code, external systems, and missing sources can all impose limits. Serious analysis also means making those limits visible.
🌍 Open Source, Transparency, and Trademark Notice
Zeus RPG PromptKit is licensed under the Apache License 2.0 and developed publicly on GitHub.
Its transparency model includes:
- open source code,
- local execution,
- reproducible CLI commands,
- visible reports and JSON artifacts,
- a generated tool catalog as the authoritative reference,
- explicit safety levels and documented guardrails,
- a clear separation between the toolkit, the AI client, and human responsibility.
💡 Conclusion: Understand Legacy Before Changing It
Discussions about legacy systems are often unnecessarily polarized.
One side argues that anything old should be replaced as quickly as possible. The other treats almost every change as an unacceptable risk. Neither position reflects the reality of most long-lived IBM i environments.
Many of these systems contain stable processes, valuable business logic, and knowledge refined over decades. At the same time, they need better transparency, modern analysis techniques, and documentation that does not exist only in the heads of a few experienced people.
That is the gap Zeus RPG PromptKit is designed to address—not as a substitute for RPG expertise, but as a way to make existing systems more understandable and reviewable.
It does so through:
- local, reproducible analysis,
- a canonical evidence model,
- dependency and impact analysis,
- Db2 context,
- reviewable reports and bundles,
- controlled MCP integration,
- an extensible API,
- and AI context grounded in visible evidence.
The interesting part is not simply that Zeus “uses AI.” The interesting part is how AI is introduced: locally, selectively, audibly, and on top of artifacts that people can inspect.
The tiny-tool.de perspective: AI is most useful when it does not have to guess. Anyone documenting, analyzing, or modernizing a legacy system should first establish what is actually there.
Because in long-lived systems, context is not optional: ignore it, and you eventually misunderstand both the code and the business behind it.
📚 Sources and Further Reading
- GitHub repository: https://github.com/gzeuner/zeus-rpg-promptkit
- README and project overview: https://github.com/gzeuner/zeus-rpg-promptkit/blob/main/README.md
- Tool catalog: https://github.com/gzeuner/zeus-rpg-promptkit/blob/main/docs/tool-catalog.md
- Documentation hub: https://github.com/gzeuner/zeus-rpg-promptkit/blob/main/docs/index.md
- Five-minute quickstart: https://github.com/gzeuner/zeus-rpg-promptkit/blob/main/docs/quickstart/5-minutes.md
- Onboarding a new IBM i: https://github.com/gzeuner/zeus-rpg-promptkit/blob/main/docs/quickstart/onboarding-new-ibm-i.md
- MCP Operator Guide: https://github.com/gzeuner/zeus-rpg-promptkit/blob/main/docs/mcp/operator-guide.md
- JTOpen / IBM Toolbox for Java: https://github.com/IBM/JTOpen
- Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0
- Node.js: https://nodejs.org/
Last updated: July 10, 2026
🔎 Frequently Asked Questions About Zeus RPG PromptKit
What is Zeus RPG PromptKit?
Zeus RPG PromptKit is an open-source toolkit for collecting, normalizing, and analyzing RPG, CL, and DDS sources. It can enrich the analysis with Db2 metadata and generate traceable reports, graphs, JSON models, and AI-ready context.
Can Zeus modernize RPG applications automatically?
No. Zeus analyzes, structures, and prepares evidence for change. It does not replace domain knowledge, peer review, testing, or approval.
Do I need an IBM i system to run the demo?
No. The repository includes a synthetic demo system that can be run locally with Node.js.
Can Zeus be used with AI assistants?
Yes. The generated artifacts are vendor-neutral. Zeus also includes an experimental local MCP integration for controlled and auditable agent workflows.
Does Zeus write to IBM i or Db2?
Read-only is the default. Controlled write paths have separate safety levels and require explicit approval and guardrails. Production profiles remain blocked for apply paths that have not been deliberately enabled.
Is Zeus an IBM product?
No. Zeus RPG PromptKit is an independent open-source project and is not affiliated with IBM.



tiny-tool.de