chapplin
Verified Safeby ssssota
Overview
A framework for building type-safe ChatGPT applications (MCP servers) with JSX-based UI rendering, supporting multiple server and UI frameworks.
Installation
npm run devEnvironment Variables
- GITHUB_TOKEN
Security Notes
The core framework avoids direct use of highly risky functions like 'eval'. Input/output schemas are defined using Zod, contributing to data validation and type safety. The architecture separates server logic from client-side widget rendering, with client code bundled statically, reducing attack surface. While child_process.execSync and spawn are used, they are confined to end-to-end testing scripts, not the runtime server or client code. No obvious hardcoded secrets or malicious patterns were found. As a framework, the ultimate security of an application built with Chapplin depends on the developer's implementation choices and third-party dependencies.
Similar Servers
aderyn
A powerful Solidity static analyzer that provides structured access to smart contract code, ASTs, and analysis results via a Model Context Protocol (MCP) server or Language Server Protocol (LSP), primarily intended for AI agents or advanced tooling.
thought-chain-mcp
Transforms any AI model into an advanced reasoning engine by providing structured, persistent step-by-step thinking capabilities and allowing recall of past thought processes.
kerneldev-mcp
An MCP server for intelligent Linux kernel configuration management, building, and filesystem regression testing, including advanced device management for performance optimization.
mcpinspect
A CLI tool to inspect MCP (Model Context Protocol) servers configured for Claude Code.