Platter MCP Server

Platter is a well-designed MCP server with strong authentication options (OAuth 2.1, JWKS, bearer tokens) and deliberate security controls (path validation, command restrictions, sandboxing). However, the design intentionally exposes powerful capabilities (bash, JS execution, file write) with acknowledged limitations. The bash tool can bypass path restrictions, the JS tool is explicitly not sandboxed, and the `just-bash` sandbox is still beta. These are documented trade-offs rather than hidden vulnerabilities, but users must understand the blast radius. Code quality is good with proper input validation and no obvious credential leaks. Supply chain analysis found 5 known vulnerabilities in dependencies (0 critical, 3 high severity).

3 files analyzed · 13 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.