ai.smithery/ChiR24-unreal_mcp_server

7.0

A comprehensive Model Context Protocol (MCP) server that enables AI assistants to control Unreal E…

streamable-httpai-ml developer-tools cloud

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-smithery-chir24-unreal-mcp-server": {
      "type": "streamable-http",
      "url": "https://server.smithery.ai/@ChiR24/unreal_mcp_server/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-smithery-chir24-unreal-mcp-server": {
      "url": "https://server.smithery.ai/@ChiR24/unreal_mcp_server/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (6)

high

excessive-scope

Unreal Engine Control via Remote HTTP

Server claims to enable AI assistants to 'control' Unreal Engine, which implies broad capabilities for game engine manipulation. This is an inherently high-risk capability set that could allow unauthorized modification of game projects, assets, or execution of arbitrary engine commands.

high

network-access

Remote HTTP Endpoint Without Visible Authentication

Server is exposed via remote HTTPS endpoint (https://server.smithery.ai/...) rather than local stdio. No authentication mechanism is documented in the provided metadata, creating potential for unauthorized access from any network client.

medium

vague-description

Truncated and Vague Description

The description is cut off mid-word ('Unreal E…'), making it impossible to fully assess the server's actual scope and capabilities. The word 'comprehensive' is a red flag suggesting broad, undefined functionality.

medium

excessive-tools

Tool Definitions Unavailable for Audit

Tool definitions could not be fetched from the server, preventing detailed analysis of what specific operations are exposed. This is a significant audit gap for a server claiming to 'control' a complex application like Unreal Engine.

low

info

Positive: Repository Available

Server has a public GitHub repository, which is a positive trust signal and allows for source code review.

info

vague-description

Semantic Analysis Summary

This Unreal Engine control server presents significant security concerns due to its remote HTTP exposure, vague description, and inability to audit its actual tool definitions. The claimed capability to 'control' Unreal Engine is inherently broad and risky. While the public repository is a positive signal, the incomplete metadata and lack of visible authentication mechanisms warrant caution before deployment.

Last scanned 1h ago

Details

Version: 0.4.4
Transport: streamable-http
Capabilities
Repository: ChiR24/Unreal_mcp