Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
FreeCAD MCP
v1.0.0Control FreeCAD via MCP to create and modify 3D models, automate CAD tasks, solve constraints, and integrate part libraries programmatically.
⭐ 0· 142·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description match the included files: this package implements an MCP RPC server, FreeCAD addon, and client bindings for agents. However documentation and examples reference additional tooling (uv / uvx, uvx/clawhub steps, and LLM integrations) that are not declared as requirements, and SKILL.md instructs the agent to point to port 9876 while the client code uses port 9875 — a documentation/port mismatch that can cause confusion.
Instruction Scope
The RPC API intentionally exposes execute_code which runs exec(code, globals()) inside the FreeCAD process; README and RPC code advertise this feature. While this is coherent with 'programmatic control' of FreeCAD, it is a powerful operation that lets any client that can connect to the RPC server execute arbitrary Python on the host (file I/O, network, launching processes). SKILL.md does not prominently warn about this risk. The addon code also reads/writes files in the user's FreeCAD Mod / appdata paths and writes temporary screenshot files.
Install Mechanism
No automated download/install spec in the registry entry; installation is manual (copy addon to FreeCAD Mod directory) or via clawhub/npn instructions in SKILL.md. No external archive downloads or obscure URLs appear in the package. This is a lower install risk, though manual file writes to the FreeCAD Mod path are required.
Credentials
The skill declares no required environment variables or credentials (consistent). Example client code references unrelated keys (e.g., GROQ_API_KEY) and external LLM models, but those are examples for the agent environment and are not required by the FreeCAD addon itself. This may confuse non-technical users; the skill does not justify third-party API keys in its top-level requirements.
Persistence & Privilege
always:false and no special platform privileges requested. The skill runs an RPC server inside FreeCAD and relies on the agent connecting to it; this is expected. Note that autonomous agent invocation is allowed by default — combined with the execute_code capability, that increases the potential blast radius if an agent is configured to call this tool without oversight.
What to consider before installing
This skill appears to implement a legitimate FreeCAD MCP server, but review the following before installing:
- Arbitrary-code execution: The RPC API includes execute_code which will run Python inside your FreeCAD process. Only use this on a trusted machine, restrict network access to localhost, and avoid exposing the RPC port to untrusted networks.
- Documentation mismatch: SKILL.md shows the MCP endpoint at port 9876 but client code uses 9875. Verify the actual port and configuration before connecting agents.
- Examples reference external tools/keys (uv/uvx, GROQ_API_KEY, LLM models) that are not required by the addon itself — don’t provide unrelated API keys unless you understand why an example needs them.
- Installation writes into your FreeCAD Mod directory; inspect the addon files locally before copying them and consider running inside an isolated environment or VM if you want to be cautious.
If you plan to use this skill, audit/limit which agents can connect to the RPC server, and avoid running it on machines with sensitive data or exposed network services.Like a lobster shell, security has layers — review code before you run it.
3dvk97fne5sw5rkwy3dh14957sy4s837c3ccadvk97fne5sw5rkwy3dh14957sy4s837c3cfreecadvk97fne5sw5rkwy3dh14957sy4s837c3clatestvk97fne5sw5rkwy3dh14957sy4s837c3cmcpvk97fne5sw5rkwy3dh14957sy4s837c3cmodelingvk97fne5sw5rkwy3dh14957sy4s837c3c
License
MIT-0
Free to use, modify, and redistribute. No attribution required.