Trusted — Risk Score 5/100
Last scan: 2 days ago
openclaw-3d-blender-mcp
Complete installation of Blender MCP for OpenClaw. Includes local/remote setup, ngrok, verification, troubleshooting.
Blender MCP integration skill with clear documentation, legitimate subprocess usage for CLI tools, and standard TCP networking for remote Blender control. No malicious indicators detected.
Skill Name: openclaw-3d-blender-mcp
Duration: 40.5s
Engine: pi
Safe to install
This skill is safe to use. All subprocess and network operations are declared in SKILL.md and are necessary for Blender MCP functionality.

Findings (1 item)

| Severity | Finding | Location |
|---|---|---|
| Low | Hardcoded ngrok endpoints in test scripts | scripts/test_direct.py:12 |

Some test scripts (test_direct.py, mcp_client.py) contain hardcoded ngrok endpoints (8.tcp.ngrok.io:16325). While convenient for testing, these are not documented in SKILL.md.
HOST = '8.tcp.ngrok.io'
→ Consider using environment variables for host configuration, or document hardcoded endpoints in SKILL.md
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | | No file writes detected |
| Network | READ | READ | ✓ Aligned | TCP connections to Blender via ngrok tunnel |
| Shell | WRITE | WRITE | ✓ Aligned | subprocess.Popen for uvx blender-mcp (documented in SKILL.md) |
| Environment | NONE | READ | ✓ Aligned | Only reads BLENDER_HOST, BLENDER_PORT, DISABLE_TELEMETRY |
| Skill Invoke | NONE | NONE | | N/A |
| Clipboard | NONE | NONE | | N/A |
| Browser | NONE | NONE | | N/A |
| Database | NONE | NONE | | N/A |
1 finding
Medium: External URL
https://www.youtube.com/watch?v=dxlyCPGCvy8
SKILL.md:20

File Tree

18 files · 65.6 KB · 2448 lines
Python 13f · 1455L Markdown 3f · 975L Shell 1f · 12L JSON 1f · 6L
├─ 📁 references
│ ├─ 📝 common_errors.md Markdown 492L · 11.4 KB
│ └─ 📝 coordinate_system.md Markdown 305L · 7.5 KB
├─ 📁 scripts
│ ├─ 🐍 blender_direct_v2.py Python 96L · 3.1 KB
│ ├─ 🐍 blender_direct.py Python 95L · 2.9 KB
│ ├─ 🐍 blender_wait.py Python 109L · 3.5 KB
│ ├─ 🐍 get_scene_info.py Python 104L · 2.8 KB
│ ├─ 🐍 http_bridge.py Python 111L · 3.2 KB
│ ├─ 🐍 mcp_client_full.py Python 152L · 4.5 KB
│ ├─ 🐍 mcp_client.py Python 77L · 2.1 KB
│ ├─ 🐍 mcp_persistent.py Python 114L · 2.9 KB
│ ├─ 🔧 start-server.sh Shell 12L · 258 B
│ ├─ 🐍 test_direct.py Python 88L · 2.5 KB
│ ├─ 🐍 test_modal.py Python 114L · 2.7 KB
│ ├─ 🐍 test_simple.py Python 66L · 2.3 KB
│ ├─ 🐍 test-connection.py Python 65L · 2.2 KB
│ └─ 🐍 verify_blender_connection.py Python 264L · 7.5 KB
├─ 📋 _meta.json JSON 6L · 296 B
└─ 📝 SKILL.md Markdown 178L · 4.0 KB

Dependencies (1 item)

| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| uvx | any | system | No | CLI tool, not a Python package |

Security Positives

✓ All subprocess usage declared in SKILL.md via 'uvx blender-mcp' commands
✓ No credential harvesting or sensitive path access (.ssh, .aws, .env)
✓ No base64 encoding, eval(), or obfuscated code patterns
✓ No curl|bash or wget|sh remote script execution patterns
✓ No hidden instructions in HTML comments or elsewhere
✓ TCP networking is standard for Blender MCP/ngrok tunneling
✓ Environment variables used are relevant to Blender MCP (BLENDER_HOST, BLENDER_PORT, DISABLE_TELEMETRY)
✓ No data exfiltration or C2 communication patterns
✓ Legitimate CLI tool usage (subprocess for uvx blender-mcp)
✓ Well-structured, documented skill with clear purpose