chrome-devtools-mcp

The `evaluateScript` tool directly executes JavaScript code provided by the agent within the browser context, which is a core feature for enabling advanced control and inspection. The `README` explicitly states: "`chrome-devtools-mcp` exposes content of the browser instance to the MCP clients allowing them to inspect, debug, and modify any data in the browser or DevTools. Avoid sharing sensitive or personal information that you don't want to share with MCP clients." This clearly communicates the inherent risk of granting an AI agent full control over a browser instance, emphasizing that the client (user) is responsible for the data exposed. The `--acceptInsecureCerts` option allows bypassing SSL certificate errors, which could expose the user to MITM attacks if used carelessly, but it's an explicit opt-in with a caution. No direct `eval` calls or similar code execution patterns are observed on the Node.js server itself. The main security consideration is the extensive control granted to the connected AI agent over the browser, which is by design for its purpose.