openscad-mcp
Provides a Model Context Protocol (MCP) server (built with FastMCP) that lets an AI assistant render, export, validate, and analyze OpenSCAD (.scad) models by running an OpenSCAD subprocess. Supports stdio transport for MCP with optional HTTP/SSE via environment configuration, and includes workspace file management and render caching options.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security controls mentioned include path validation (scad_file/include_paths vs configurable allowed_paths), file size limits (max_file_size_mb), variable name validation (regex), subprocess timeout (default 300s), and model name validation (prevents path traversal). However, the README does not describe authentication/authorization for MCP requests, and defaults suggest allowed_paths may be null (potentially unrestricted file access). TLS/auth strength for HTTP/SSE transport are not documented.
⚡ Reliability
Best When
You want local/controlled tool-assisted CAD rendering workflows where an agent needs structured MCP tools for OpenSCAD modeling and export.
Avoid When
You cannot restrict file paths / workspace access or you need strict governance over arbitrary .scad code execution.
Use Cases
- • Render OpenSCAD models from specific camera/view presets and export images
- • Batch rendering of standard perspectives (front/back/left/right/top/bottom/isometric)
- • Export models to multiple CAD formats (STL/3MF/AMF/OFF/DXF/SVG)
- • Validate OpenSCAD code (syntax-check, warnings, echo output)
- • Analyze geometry (bounding box/dimensions/triangle count via STL export)
- • Manage .scad files in a workspace (create/get/update/list/delete)
- • Discover available OpenSCAD libraries and verify OpenSCAD installation/version
Not For
- • Running in untrusted remote environments without sandboxing (it executes OpenSCAD on provided code)
- • Long-lived multi-tenant SaaS use without strong isolation controls
- • Use as a security boundary for file access (allowed_paths is configurable, and defaults indicate potential unrestricted access)
- • Producing authoritative engineering results without validating outputs
Interface
Authentication
Authentication/authorization for MCP is not described in the provided README. Access control appears to be driven by how/where you run the server (e.g., local stdio, project/user scopes in client tooling) and configurable file/path restrictions.
Pricing
Open-source (MIT) package; no pricing described.
Agent Metadata
Known Gotchas
- ⚠ Rendering and exporting execute OpenSCAD subprocesses; long runtimes/timeouts can occur depending on model complexity.
- ⚠ File operations may be constrained by allowed_paths and max_file_size_mb; ensure the agent respects workspace and path rules.
- ⚠ Variable and model name validation exists, but agents may still send large/complex inputs that trigger timeouts or size limits.
- ⚠ If using HTTP/SSE transport, ensure MCP_HOST/MCP_PORT and network exposure are appropriate and not unintentionally public.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for openscad-mcp.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.