blender-mcp
Warn
Audited by Socket on Apr 4, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS: the core behavior is coherent for a Blender-control skill, but the install path uses an unpinned raw GitHub addon from a different owner than the declared author, and the skill grants very broad arbitrary bpy execution. No clear credential theft or third-party interception is present, so this looks more like a high-power local automation skill with notable supply-chain and execution risk than confirmed malware.
Confidence: 87%
Severity: 58%
Audit Metadata