Unreal-MCP — agentic threat model
Unreal-MCP carries significant security risk because it bridges AI agents directly to the Unreal Engine 5.7 editor and runtime. If the agent is compromised, its deep integration via C++ and .NET could allow unauthorized execution of engine commands, potentially leading to host compromise or intellectual property theft.
OWASP AIVSS score rationale
| Agentic risk factor | Value |
| --- | --- |
| Autonomy of Action | 0.70 |
| Goal-Driven Planning | 0.50 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.80 |
| Persistent Memory | 0.20 |
| Contextual Awareness | 0.60 |
| Dynamic Identity | 0.20 |
| Multi-Agent Interactions | 0.50 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Not certain from the listing — The listing does not specify which foundation models are utilized to drive the MCP client or interpret the tool outputs.
Layer 2, Data Operations: Not certain from the listing — There is no mention of RAG, vector databases, or training data pipelines; the focus is strictly on editor/runtime control.
Layer 3, Agent Frameworks: Exposes a configurable tool set to AI agents via the Model Context Protocol (MCP). Threats include tool misuse, where an agent executes unintended or destructive Unreal Engine commands, and insecure tool integration between the .NET sidecar and the C++ plugin.
Layer 4, Deployment and Infrastructure: Operates as a C++ plugin and .NET sidecar supporting both local and cloud connection modes. This introduces risks of local port exposure, unauthorized socket connections, and potential privilege escalation to the host running the Unreal Editor.
Layer 5, Evaluation and Observability: Not certain from the listing — The listing does not detail any logging, evaluation, or observability mechanisms to monitor agent actions within the engine.
Layer 6, Security and Compliance: Implements token authentication and a configurable tool set to restrict the agent's control surface. However, there is no mention of broader enterprise compliance frameworks or audit logging.
Layer 7, Agent Ecosystem: Designed to connect 'AI agents' to Unreal Engine, implying potential multi-agent orchestration. Threats include cascading failures if one agent in a multi-agent system is compromised and abuses the engine control tools.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).