Postman MCP Server
Operate on the Postman API to manage collections, environments, and workspaces via MCP.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for Postman MCP Server, derived from its capabilities.
AIVSS 9.3 · Critical
View MAESTRO 7-layer threat model →These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology. Are you the vendor? Factual corrections are free.
Overview
Postman's MCP server lets agents manage collections, environments, and workspaces through the Postman API. Environments often hold API secrets, so token scope and environment exposure are the main confidentiality risks.
Key features
- Collection and workspace management
- Environment access
- Postman API tooling
Use cases
- Manage API collections from an agent
- Automate Postman workspace tasks