Deep Research Artifact ยท 2026-07-02

2026 Blender MCP Deep Research

Current state of Blender MCP, what it can do, what is risky, and how ForgeApps should use it alongside deterministic headless Blender automation.

TLDR

External Results

SourceDateClaim / EvidenceConfidence
GitHub: ahujasid/blender-mcpFetched 2026-07-02Open-source MCP to use Blender with any LLM; repo page showed 23.4k stars, 2.3k forks, 159 commits, and docs for scene/object/material/code/asset integrations.High
PyPI: blender-mcpLatest release 2026-06-11Package version 1.6.4, Python >=3.10, MIT license, release history through June 2026.High
Blender MCP server architectureUpdated 2026-03-11Documents AI client to MCP server to TCP socket to Blender add-on architecture, plus tools for scene info, objects, materials, assets, Python execution, and screenshots.Medium
MCP specSpec version 2025-06-18MCP uses JSON-RPC 2.0 and exposes resources, prompts, and tools; security guidance emphasizes consent, privacy, and tool safety.High
SMCP paperSubmitted 2026-02-01Identifies MCP ecosystem risks including unauthorized access, tool poisoning, prompt injection, privilege escalation, and supply-chain attacks.Medium
MCP threat modeling paperSubmitted 2026-03-23Highlights tool poisoning through tool metadata as a major client-side risk.Medium
MCP tool-description studyv3 revised 2026-05-31856 tools across 103 MCP servers were studied; many tool descriptions had quality issues that affect agent performance and cost.Medium

Internal Results

SourceDateClaim / EvidenceConfidence
.forgebot/skills/blender/SKILL.mdCurrent local fileTop-level ForgeBot Blender skill covers headless automation, conversion, rendering, procedural generation, and records blender-mcp as installed.Internal-high
.forgebot/skills/blender/references/...deep-research-report.mdLocal prior researchPrior work identified MCP-based Blender control as the fastest practical path for prompt-to-editable-scene workflows, while still recommending structured specs/seeds for repeatability.Internal-medium
.forgebot/skills/blender/scripts/selftest.tsCurrent local fileForgeApps already has deterministic TypeScript automation that creates and opens a random Blender scene via headless Blender.Internal-high
.forgebot/skills/blender/__tests__/blender-installed.test.tsCurrent local fileLocal test verifies Blender is installed and reports version.Internal-high

Findings

1. Center of gravity: Public evidence points to ahujasid/blender-mcp as the active 2026 implementation. Treat other names as leads until verified against active repos/packages.
2. Architecture: It is an MCP-to-socket bridge, not direct Blender embedding. Connection lifecycle, ports, and local trust boundaries matter.
3. Tool surface: Scene inspection, object/material manipulation, screenshots, assets, and Python execution are useful; arbitrary Python is the sharp edge.
4. Client support: Claude and Cursor look most mature; the project also documents VSCode/Cline-style clients, ChatGPT, Gemini CLI, and Ollama/local models.
5. Security trend: 2026 MCP research is increasingly focused on tool poisoning, prompt injection, metadata trust, and auditability.
6. ForgeApps split: Use MCP for interactive scene editing and exploration; use local scripts for deterministic production automation.

Recommended ForgeApps Path

  1. Keep the top-level blender skill as the canonical workflow entry.
  2. Add /blender mcp-status to verify uvx, blender-mcp version, add-on state, socket reachability, telemetry setting, and client conflicts.
  3. Pin launch config to uvx --python 3.11 blender-mcp with UV_PYTHON_PREFERENCE=only-managed.
  4. Default to DISABLE_TELEMETRY=true for ForgeFX/client work.
  5. Keep execute_blender_code behind explicit approval and do not feed untrusted external prompts into it unreviewed.
  6. Prefer constrained ForgeApps tools for production: create_scene_from_spec, inspect_scene, render_preview, export_glb.

Caveats

I did not find a currently verifiable separate "Blender-MCP-Server with 50+ tools" primary source during this pass. Local prior research mentions it, but the public evidence verified today points most strongly to ahujasid/blender-mcp. The Blender MCP website is a project/community site, not Blender Foundation documentation. The security papers are general MCP research, not Blender-specific audits.

Sources