mcp-devtools-browser
by 4bd4ll4h
Overview
This MCP server provides LLMs with browser automation capabilities using Puppeteer, primarily to assist in generating high-quality, reliable web-scraping scripts.
Installation
npx @4bd4ll4h/mcp-devtools-browserEnvironment Variables
- GEMINI_API_KEY
Security Notes
CRITICAL RISK: The `execute_js` tool allows the LLM to execute arbitrary JavaScript code within the browser context using `new Function()`. This is highly dangerous as a malicious LLM could run any code, potentially leading to XSS attacks, data exfiltration, or other severe vulnerabilities. Additionally, the `browserConfig.json` sets `headless: false` and uses `--no-sandbox` for Puppeteer, which disables critical browser security mechanisms, making the browser instance more vulnerable. While API keys are externalized, the core functionality of executing arbitrary code within an unsandboxed browser poses a significant security threat. Therefore, running this server is not recommended without significant security hardening.
Similar Servers
playwright-mcp
Provides a Model Context Protocol (MCP) server for LLMs to automate browser interactions using Playwright's accessibility tree, avoiding pixel-based vision models.
scrapegraph-mcp
Provides AI-powered web scraping, structured data extraction, multi-page crawling, and agentic automation capabilities for language models.
webscraping-ai-mcp-server
Integrates with WebScraping.AI to provide LLM-powered web data extraction, including question answering, structured data extraction, and HTML/text retrieval, with advanced features like JavaScript rendering and proxy management.
context-engineering
Provides a Model Context Protocol (MCP) server that enables AI agents to control a web browser using Selenium for web automation tasks.