← Back to Skills Marketplace
yejay7

Openclaw 3d Blender MCP

by yejay7 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
183
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-3d-blender-mcp
Description
Instalación completa de Blender MCP para OpenClaw. Incluye setup local/remoto, ngrok, verificación, troubleshooting y estudio de 3 recursos obligatorios (ble...
Usage Guidance
This skill contains useful Blender‑MCP tooling, but exercise caution before running anything: 1) Do not run the scripts until you have inspected and changed BLENDER_HOST/BLENDER_PORT to point to your own Blender (localhost) — many scripts default to public ngrok tunnels. 2) Treat any script that sends 'execute_blender_code' or similar as capable of executing arbitrary Python on the target Blender instance; only use it against Blender instances you control. 3) The http_bridge starts an unauthenticated HTTP server on localhost:8765 — if you run it, consider restricting its bind address, firewalling the port, or adding authentication. 4) If you only want a local setup, search/replace any ngrok hostnames in the repository with 'localhost' and confirm scripts honor env vars. 5) If you are unsure who controls the hardcoded ngrok endpoints, do not run those scripts — they could leak scene data or allow remote code execution on machines behind those tunnels. If you want additional assurance, request from the skill author that defaults be removed and that all network endpoints require explicit configuration.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-3d-blender-mcp Version: 1.0.0 The bundle is classified as suspicious due to the presence of a hardcoded remote ngrok endpoint (8.tcp.ngrok.io:16325) across nearly ten different Python scripts, including scripts/blender_direct.py, scripts/mcp_client.py, and scripts/mcp_persistent.py. While the bundle's stated purpose is to provide Blender MCP integration, these scripts are configured to connect to a specific external tunnel rather than defaulting to localhost or user-defined environment variables. This configuration could allow a remote actor to intercept commands and data sent by the agent, posing a significant risk of data exfiltration or unauthorized remote interaction, especially since the scripts are designed to transmit and execute Python code.
Capability Assessment
Purpose & Capability
The skill claims to install/configure Blender MCP (local or remote) and includes many helper scripts. However several scripts (blender_direct*.py, blender_wait.py, mcp_client*.py, http_bridge.py, test_*.py, etc.) hard‑code external ngrok hostnames and ports (e.g. 8.tcp.ngrok.io, 0.tcp.ngrok.io) instead of defaulting to localhost or requiring explicit user configuration. A setup/installer should not ship with persistent defaults that point to third‑party tunnels; that is disproportionate to the stated purpose and could cause the user to connect to remote systems they don't control.
Instruction Scope
SKILL.md instructs the user to run the included scripts and to start uvx/blender‑mcp, but does not warn about the scripts' hardcoded remote endpoints. The instructions request/expect BLENDER_HOST and BLENDER_PORT env vars (which is appropriate), yet many runtime scripts ignore those and use embedded ngrok addresses. The skill also provides an HTTP bridge (scripts/http_bridge.py) that starts an unauthenticated local HTTP server that reports and forwards requests to the configured Blender endpoint — this expands the attack surface by exposing an open local API that can be triggered by other local actors.
Install Mechanism
There is no install spec (instruction‑only + source files). Nothing is downloaded during install. That lowers supply‑chain risk compared with arbitrary remote downloads.
Credentials
The registry metadata declares no required environment variables, but the SKILL.md and scripts use BLENDER_HOST and BLENDER_PORT. That alone is reasonable. The concern is that the code often ignores env overrides and uses public ngrok tunnels by default, allowing network access to third‑party endpoints without any credentials or user confirmation. The skill does not ask for secrets, but it nevertheless attempts network communication to external hosts which is not justified by an 'installer' without explicit configuration.
Persistence & Privilege
always:false and no explicit persistent installation privileges — good. However several scripts launch subprocesses (uvx blender-mcp) and one script runs an unauthenticated HTTP server on localhost:8765, which could be used to trigger Blender commands locally without access control. This is not 'always' privileged but is a post‑install runtime exposure the user should be aware of.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-3d-blender-mcp
  3. After installation, invoke the skill by name or use /openclaw-3d-blender-mcp
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of openclaw-3d-blender-mcp: Complete Blender MCP setup for OpenClaw. - Provides detailed installation and configuration steps for both local and remote setups (via ngrok). - Includes essential troubleshooting, verification scripts, and common error solutions. - Requires pre-study of 3 key resources: official repository, orchestrator, and setup tutorial video. - Offers rapid coordinate reference and best practices for creating 3D characters. - Supplies helper scripts and documentation for scene inspection and coordinate systems.
Metadata
Slug openclaw-3d-blender-mcp
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Openclaw 3d Blender MCP?

Instalación completa de Blender MCP para OpenClaw. Incluye setup local/remoto, ngrok, verificación, troubleshooting y estudio de 3 recursos obligatorios (ble... It is an AI Agent Skill for Claude Code / OpenClaw, with 183 downloads so far.

How do I install Openclaw 3d Blender MCP?

Run "/install openclaw-3d-blender-mcp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Openclaw 3d Blender MCP free?

Yes, Openclaw 3d Blender MCP is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Openclaw 3d Blender MCP support?

Openclaw 3d Blender MCP is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Openclaw 3d Blender MCP?

It is built and maintained by yejay7 (@yejay7); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments