MCP server for Autodesk Flame — clip control, timelines, and effects with RAG search, anti-hallucination safety, and self-learning
- capability exposureinferred+35
- recent driftinferred+20
- tool safetyinferred+25
- trust mitigatorsmixed−3
inferredmixed
The A–E grade is our heuristic synthesis — a "review this" prompt, not a verdict. Each factor is tagged by what backs it: attested (a verifiable record), reported (a third party's claim), or inferred (our own heuristic, e.g. permissions). See methodology.
graded 11m ago · see ecosystem CVEs →
- D · 69 → D · 77
- C · 49 → D · 69
no known CVEs for this server.
- highdangerous code
dynamic exec: eval()/exec(), __import__()
- highexfiltration comboresolve_concept
single tool reads + sends: fs, net
- mediumpurpose mismatchsearch_flame_docs
benign-looking name carries shell
analyzed commit ed3d817 · analyzer v17 · 1d ago
skills & prompt files 1
- agent-rulesabrahamADSK-flame-mcp-ed3d817/CLAUDE.md
danger signals3
- dynamic code executioneval()/exec()abrahamADSK-flame-mcp-ed3d817/hooks/flame_mcp_bridge.py:466
exec(compile(code, '<flame_mcp>', 'exec'), local_ns) - dynamic code execution__import__()abrahamADSK-flame-mcp-ed3d817/scripts/wiretap_sdk_smoke.py:145
WT = __import__(MODULE_NAME) - dynamic code executioneval()/exec()abrahamADSK-flame-mcp-ed3d817/src/flame_mcp/_workspace_snapshot.py:40
exec (success or failure), guaranteeing the next list reflects reality.
- recent drift+20 capability drift →
[](https://mcpobservatory.com/servers/github:abrahamADSK/flame-mcp/security) Heuristic, inferred signals — false positives (legitimately powerful tools, forks, language ports) are expected. Treat each as "review this", not a verdict. See the ecosystem-wide picture on the security hub, or the fleet security of abrahamADSK.