flipper-ble-mcp
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@flipper-ble-mcpscreenshot my Flipper"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
flipper-ble-mcp π¬π‘
Drive a Flipper Zero wirelessly over Bluetooth LE from Claude β no USB cable β backed by a self-evolving knowledge base that makes every session faster than the last.
flipper-ble-mcp is three layers that form a loop:
An MCP server (
src/) β 38 tools that control a Flipper Zero over BLE: read device info & files, screenshot the screen, inject button presses, launch apps, app-driven Sub-GHz/IR transmit, GPIO, BadUSB, and a scheduled read-only health-watch.A skill (
.claude/skills/flipper/) β the operating brain: anORIENT β EXECUTE β CAPTUREloop, a routine index (task β KB doc β tools), verified menu maps, and safety gates.A knowledge base (the docs in this repo) β ships prebuilt with deep Flipper + toolkit knowledge the agent reads before acting and writes back to after (
/flipper-learn).
read the KB β act via MCP β capture what you learned β KB grows β next session is fasterThat last arrow is the point: instead of re-deriving how the device behaves each time, the agent accumulates expertise β and it ships with a big head start.
β οΈ macOS only (today). The Bluetooth work runs inside a small ad-hoc-signed
.appthat carries the macOS Bluetooth entitlement; the MCP process itself never touches BT. See Architecture.β οΈ Dual-use tool. It can transmit RF/IR and inject USB keystrokes (BadUSB). Your own devices, authorized targets, and legal frequencies only. Every real action is human-approved per call. See SECURITY.md.
Why
LLM agents are great at reasoning and terrible at remembering what they learned last time. This project pairs real hardware control (an MCP server) with a knowledge base the agent both consumes and grows β so operating a Flipper gets faster and more reliable with use, and the knowledge is portable (it ships in the repo, not trapped in one chat).
Related MCP server: Lovense Cloud MCP
Demo
Demo GIF coming soon.
Architecture
Claude (Desktop / Code)
β MCP (stdio)
βΌ
flipper-ble MCP server βββββββββββββββ (never touches Bluetooth directly)
β token-authed Unix socket β
βΌ β
resident daemon (holds ONE BLE link) β runs inside FlipperBLE.app β
β Bluetooth LE β the ad-hoc-signed bundle that carries
βΌ β the macOS Bluetooth (TCC) entitlement
Flipper ZeroA persistent daemon keeps a single BLE connection open (status/reads ~0.1β0.3 s, screenshot/press
~1.5 s; idle-disconnects to free the radio for your phone). The socket is 0600 + shared-token authed.
Install
Prerequisites: macOS, a Flipper Zero (Momentum / Unleashed / official firmware), Claude Code or Claude Desktop, Python 3.11+, and
uv.
git clone https://github.com/pogorelov-labs/flipper-ble-mcp && cd flipper-ble-mcp
./app/build_app.sh # builds + ad-hoc-signs FlipperBLE.app (one-time; no Apple Dev account)Add the MCP server to Claude β claude mcp add flipper-ble -- uvx flipper-ble-mcp, or in your Claude Desktop config:
{
"mcpServers": {
"flipper-ble": { "command": "uvx", "args": ["flipper-ble-mcp"] }
}
}Then run Claude Code in this repo: the flipper skill + the KB are auto-discovered, so just ask β
"what's my Flipper's battery?" / "screenshot my Flipper." (To use the skill outside the repo, copy
.claude/skills/flipper/ and .claude/commands/flipper-learn.md into your ~/.claude/.)
The self-evolving knowledge base
Seed (this repo) β curated, general Flipper + toolkit knowledge. Indexed by
llms.txt.Local overlay (
kb-local/, git-ignored) β where each install's new learnings land via/flipper-learn. The skill reads it alongside the seed; local entries win on conflict.PR-back β broadly-useful learnings get promoted into the seed via pull request, so the community's collective experience compounds. Classification rule:
.claude/skills/flipper/references/kb-map.md.
Tools
38 tools β full table + RPC mapping in resources/flipper-ble-control.md. Highlights: device_info, power_info, screenshot, press / press_sequence, storage_*, app_launch, transmit_subghz / transmit_infrared (gated), gpio_*, run_badusb (gated), healthwatch.
Safety & responsible use
See SECURITY.md: every action is human-approved per call; RF/IR/BadUSB is for your own authorized targets on legal bands; the health-watch is read-only and default-off; the agent is instructed never to autonomously transmit.
Contributing
See CONTRIBUTING.md β including how to PR a learned-KB entry back into the seed.
House style for KB docs: CLAUDE.md.
License
MIT Β© 2026 Ruslan Pogorelov.
State: 70 content docs, ~102k words. The knowledge base below is generated from per-doc frontmatter β
run python3 build-kb-index.py to rebuild; never hand-edit the block.
Index
Start here / Core
File | Status | What's in it |
β | Scored data model β schema + 1β10 real-use rubric + 63 use-cases in ranked score bands. | |
β | Hardware block map, STM32WB MCU, radios, software stack, SD layout, and full capability map. | |
β | Dual-use ground rules β RF-transmit, cloning, HID, EMV reality, and a responsible-use checklist. | |
β | One-line definitions of every term used across the KB, each linking to its deep-dive. |
Dataset: use-cases.csv / use-cases.json β regenerate the JSON with
python3 build-use-cases-json.py. UC-ID β docs map: uc-index.json.
Firmware
File | Status | What's in it |
β | Firmware comparison matrix, Xtreme to Momentum history, flashing/recovery, and legal/stability risks. | |
β | Step-by-step β back up SD, flash Momentum, restore, re-enable add-ons, verify (frontier Stage 0). | |
β | Feature-rich Xtreme successor β capabilities by domain plus an honest is-it-the-best verdict. | |
β | Stock OFW from Flipper Devices β abilities, deliberate limits, and the sanctioned app catalog. | |
β | Kitchen-sink, bleeding-edge custom firmware with the largest bundled app/game set and most crashes. | |
β | Unlocked, stable, RF-focused custom firmware β the oldest OFW fork, favored for serious Sub-GHz work. |
Hardware & GPIO
File | Status | What's in it |
β | GPIO pinout, ADC/PWM/buses, power limits, and the Flipper's internal-radio front-end hardware. | |
β | Bruce vs Ghost ESP vs Marauder β which firmware to flash on an ESP32 Flipper backpack. | |
β | The ESP32-WROOM Marauder backpack hardware β GPIO 9-18 mount (3V3), the freeze fix, BOOT/RST buttons, dual-SD, flashing. | |
β | Current GPIO add-ons β DevBoard, VGM, Marauder/Ghost ESP, Mayhem, NRF24, CC1101, GPS, protoboards. | |
β | Which GPIO add-on(s) to buy, by goal/persona, with a board-vs-persona comparison table. | |
β | Plain-words use-cases + pros/cons for each Flipper GPIO add-on β GPS, NRF24, CC1101, BLE sniffer, thermal, geiger. | |
β | DIY GPIO add-ons β IΒ²C/SPI/UART sensors, displays, LoRa, BLE sniffer, logic analyzer, and design limits. |
Capabilities (built-in feature deep-dives)
File | Status | What's in it |
β | HID keystroke injection over USB (and BLE on CFW) β Ducky Script, layouts, OS targets, and blue-team defenses. | |
β | Dallas / Cyfral / Metakom contact "touch" keys over 1-Wire β read, emulate, and clone to writable blanks. | |
β | Capture, store, and replay consumer IR; protocols, .ir format, universal remotes, and the Flipper-IRDB library. | |
β | Overview of the two card radios β LF 125 kHz RFID and HF 13.56 MHz NFC; deep dives live in cards/. | |
β | CC1101 sub-1-GHz radio β bands, modulation/presets, on-device workflows, .sub format, protocol decoders. |
Cards, NFC & RFID (deep-research sub-domain)
File | Status | What's in it |
β | Hub: card taxonomy, security tiers, and the cards doc index | |
β | What's cloneable + how, magic cards, and a blanks list | |
β | iCLASS legacy vs SE/SEOS; the PicoPass app | |
β | EM4100/HID Prox/Indala/AWID + T5577 cloning | |
β | MIFARE Classic/Ultralight/NTAG/DESFire + Crypto1 attacks | |
β | RFID/NFC physics + ISO 14443/15693/18092 protocols |
Wi-Fi (ESP32 Marauder add-on)
File | Status | What's in it |
β | Hub: Wi-Fi capability map β which use-case lives in which doc. | |
β | Rogue-AP captive-portal credential harvesting. | |
β | Agent-driven AP scan β launch Marauder over the BLE MCP, run scanap, read the full network list from the SD log. | |
β | Runnable: audit your own PSK (capture, hcxtools, hashcat). | |
β | Deauthentication: the 802.11 flaw and the PMF/802.11w defense. | |
β | Scan, sniff to PCAP, beacon spam, analyzer, wardrive, detect-deauth. | |
β | Capture the WPA 4-way handshake / PMKID and crack it offline with hashcat. |
Bluetooth / BLE
File | Status | What's in it |
β | Hub for Bluetooth on this rig β Classic vs BLE, and the BLE use-case map across the sub-domain docs. | |
β | How Find My works, anti-stalking tracker detection, rig limits, and FindMy Flipper as the inverse emulator. | |
β | Real BLE connection capture via nRF52840/nRF Sniffer or Sniffle, plus crackle for LE Legacy pairings. | |
β | Advertising-flood pairing popups (Sour Apple/Fast Pair/Swift Pair); the iOS 17.2 story; nuisance, not a hack. | |
β | Bluetooth Classic (BR/EDR) attacks β KNOB, BIAS, BlueBorne β and why this rig can't touch them. | |
β | Interception reality β advertising vs connection sniffing, pairing crypto, and what this rig can/can't do. |
Theory
File | Status | What's in it |
β | The attack class that beats correct crypto β PKES/BLE/NFC relay; UWB/distance-bounding defense | |
β | KeeLoq internals, RollJam/RollBack, cryptanalysis, and defenses | |
β | The gap no patch closes β phishing, BadUSB social-eng, NFC/QR baiting; passkeys as the fix |
Topics
File | Status | What's in it |
β | What an AI agent driving the Flipper unlocks, the hardware/crypto ceiling, and injectionβhardware risk. | |
β | Maker/electronics projects, FAP/ufbt app dev, on-device JavaScript, and asset packs. | |
β | Honest red-team framing β capability-vs-tool matrix, methodology, ROE checklist, remediation. | |
β | How Flipper's Sub-GHz region provisioning works, why "Missing region file" blocks TX, and the fix. | |
β | Legitimate uses & project ideas organized by capability, with a starter-projects table. | |
β | Where capability still beats modern defenses in 2026 β deployment inertia, relay attacks, IoT floor, FM11RF08S. |
Resources
File | Status | What's in it |
β | Curated GitHub repos by category, with maintenance flags | |
β | Discord/Reddit/forums + vetted YouTube creators | |
β | Wireless Flipper control SOLVED β read/see/drive/launch/file-read over BLE via the flipper-ble MCP server. | |
β | Fun/novel projects β FlipperHTTP web apps, games, VGM DOOM, MagSpoof, Home Assistant | |
β | Drive the Flipper from Claude β MCP servers, AgentFlipper, Mac/USB setup, AI-control risks | |
β | How an AI agent should drive the Flipper via the MCP toolkit β data-first algorithm, menu maps, app-entry recipes, conventions. | |
β | Gated control MCP server (Stage 3) β 14 tools (input/apps/LED/GPIO/IR+SubGHz-TX/writes + screenshot) over USB, each approved. | |
β | Gated, default-off launchd job that polls the Flipper read-only 3Γ/day (battery/storage/clock/firmware) and notifies on anomalies. | |
β | The read-only MCP server we built for this rig β 14 native mcp__flipper__* device-read tools over USB, one allowlist. | |
β | Leaderboard + people β top repos by stars, devs/orgs to follow, the ESP32 scene | |
β | Runbook for the BadUSB/HID, CAN/automotive, physical-access, crypto and misc security FAPs on my Momentum rig. | |
β | Per-app runbook for the LF RFID (125 kHz), iButton/1-Wire, and Infrared apps on the owner's maxed Momentum rig. | |
β | Per-app reference for every 13.56 MHz NFC .fap on my Momentum rig β what it does, options, gotchas, sources. | |
β | Docs, cheat-sheets, and deep RF+NFC learning material by level | |
β | Deeper cut β pyFlipper scripting, sensor/utility apps, data/dumps, asset packs, 3D | |
β | Install busse MCP, add to Claude Code over USB, scope it read-only with gating β first safe AIβdevice milestone. | |
β | Per-app reference for the Sub-GHz/RF .faps on this Momentum rig β what each does, key options, use-cases, gotchas, sources. | |
β | Device-specific Sub-GHz repos and .sub collections (TouchTunes, gates, Tesla, sensors) | |
β | qFlipper, Flipper Lab, flashers, and an SD-backup checklist | |
β | Per-app runbook for the ESP32 / BLE / NRF24 companion FAPs on my Momentum rig β what each does, settings, hardware, sources. |
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/pogorelov-labs/flipper-ble-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server