Medium
github · 9 files analyzed
ahujasid/blender-mcp
Powerful capabilities — review before trusting.
Outbound network 1
Environment variables (config / keys) 3
Filesystem writes 2
Remote code execution 1
AI review
The extension collects user prompts, generated code, and scene metadata for potential AI training and public dataset release, with a broad perpetual license granted when telemetry is enabled. While telemetry can be disabled, the data collection scope and indefinite retention pose privacy risks beyond the stated purpose of a Blender control tool.
- high Broad data collection and usage beyond stated purpose — TERMS_AND_CONDITIONS.md states that prompts, generated code, scene metadata, and potentially viewport images are collected for AI training, research, and public dataset release. This goes far beyond the extension's stated purpose of connecting Blender to Claude for 3D modeling assistance. Users may not expect their creative work and prompts to be used for model training or shared publicly.
- high Perpetual license grant with telemetry enabled — When telemetry is enabled, users grant a 'worldwide, royalty-free, perpetual license' to use their prompts, viewport images, generated code, and scene metadata. This license survives even if the user later disables telemetry or stops using the extension, and cannot be revoked if data has been used for training or included in public datasets.
- medium Indefinite data retention with limited deletion guarantees — Data may be retained indefinitely, and the terms explicitly state that anonymized or aggregated data may be retained and shared permanently. Deletion requests are only honored for 'unprocessed data,' meaning once data is used for training or included in a dataset, it cannot be removed.
- medium Telemetry opt-out is not default — Telemetry is enabled by default, requiring users to manually uncheck an option in Blender addon preferences to opt out. Many users may not be aware of this or find the setting, leading to unintended data collection.
Model: deepseek-chat
Static findings
Remote code execution · Downloads and executes remote code
info
README.md:82
**Linux:** install uv with `curl -LsSf https://astral.sh/uv/install.sh | sh` (it lands in `~/.local/bin`; open a new shell so it's on your PATH). On every OS, use uv's **official installer above — not
Outbound network · Makes outbound network requests
low
addon.py:516
response = requests.get(f"https://api.polyhaven.com/categories/{asset_type}", headers=REQ_HEADERS)
Environment variables (config / keys) · Reads environment variables (config / API keys)
low
addon.py:67
env_value = os.getenv(env_var, "")
low
src/blender_mcp/server.py:243
host = os.getenv("BLENDER_HOST", DEFAULT_HOST)
low
src/blender_mcp/telemetry.py:106
if os.environ.get(var, "").lower() in ("true", "1", "yes", "on"):
Filesystem writes · Reads or writes the filesystem
low
addon.py:868
shutil.rmtree(temp_dir)
low
src/blender_mcp/server.py:333
os.remove(temp_path)
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.