Skip to content

chore(deps): update dependency blender-mcp to v1.6.4#718

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/blender-mcp-1.x
Open

chore(deps): update dependency blender-mcp to v1.6.4#718
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/blender-mcp-1.x

Conversation

@renovate

@renovate renovate Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
blender-mcp 1.5.61.6.4 age confidence

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies label Jul 3, 2026
@toolhive-release-app

toolhive-release-app Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🔒 MCP Security Scan Results

❌ blender-mcp

  • Status: Failed
  • Tools scanned: 22
  • Vulnerabilities found: 9

Security issues detected:

  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").
  • [AITech-1.1] Explicit attempts to override, replace, or modify the model's system instructions, operational directives, or behavioral guidelines through direct user input, causing the model to follow attacker-controlled instructions instead of its intended programming (e.g., "Ignore previous instructions").

Allowed issues (not blocking):

  • [AITech-8.2] Unintentional and/or unauthorized exposure or exfiltration of sensitive information, such as private or sensitive data, intellectual property, and proprietary algorithms through exploitation of agent tools, integrations, or capabilities, where the agent is manipulated to use legitimate tools for malicious data exfiltration purposes. (Allowed: Data leak risk acceptable - tool designed for creative workflows where external content integration is essential. Users should be aware of potential data exposure through code execution capabilities.)

Summary: Scanned 1 MCP server(s), found 9 security issue(s).

⚠️ Action Required: Security issues were detected. Please review and address them before merging.

@renovate renovate Bot force-pushed the renovate/blender-mcp-1.x branch from 3178335 to 9fc821d Compare July 3, 2026 10:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants