Kiln
Suspicious
Audited by ClawScan on May 13, 2026.
Overview
Kiln appears purpose-aligned, but it gives agents broad autonomous control over real 3D printers and possible fulfillment workflows, which deserves careful review before enabling.
Install only if you are comfortable letting an AI agent control real 3D printers. Verify the external kiln3d package, start with one non-critical printer, require explicit approval for print starts, fleet actions, recovery steps, purchases, and fulfillment, and use scoped/revocable credentials.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could start or alter real printer jobs, interact with heated/moving equipment, consume materials, or trigger fulfillment-related work if configured.
This shows the skill is intended to let agents perform high-impact physical and possibly fulfillment-related actions without a human intermediary; the provided artifacts do not clearly define per-action approval requirements.
an agent can design a part, slice it, queue it on the right printer, monitor the camera, recover from failures, and ship the result. No human in the middle.
Use explicit approval gates for print starts, cancellations, recovery actions, purchases, and external fulfillment; begin with a single test printer and restrict autonomous invocation.
A mistaken or unsafe job could affect multiple printers, sites, or future jobs rather than only one local device.
Multi-site fleet control can amplify one bad model, command, or agent decision across multiple printers if containment, rate limits, or approval boundaries are not configured.
Fleet management with multi-site, multi-printer support
Limit the initial scope to one printer, require review for bulk/fleet actions, and use site/printer-level permissions and rate limits.
If exposed or over-scoped, printer credentials could allow unwanted access to printer controls, job queues, or device state.
Printer API credentials are expected for printer control and are marked secret, but they can grant meaningful control over a physical device.
"KILN_PRINTER_API_KEY", "description": "API key for your printer's REST API", "isSecret": true
Use the least-privileged printer credentials available, store them as secrets, avoid sharing logs that include configuration, and revoke keys if the integration is removed.
The installed package will determine the actual printer-control behavior, so registry review of the instruction files alone is incomplete.
The skill relies on an external PyPI package for runtime behavior; this is normal for the stated purpose, but the executable package contents were not included in the artifact scan.
pip install kiln3d
Verify the PyPI package and GitHub repository, pin the intended version, and install in an isolated environment before connecting real printers.
Bad print data or proprietary design information may be reused in later recommendations or synchronized features if enabled.
The artifacts describe persistent learning from print outcomes that may influence future generations; this is purpose-aligned but creates retained context that could be wrong, poisoned, or sensitive.
Cross-printer learning, automatic failure recovery, closed-loop AI generation feedback (failed prints auto-improve future generations)
Review retention, cloud sync, and learning settings; disable cross-printer learning for sensitive projects until its boundaries are clear.
