devTools-Advance-mcp
Verified Safeby Eddym06
Overview
Enables AI agents to control a local Chrome or Edge browser for web navigation, data extraction, interaction, network interception, and anti-detection, using the user's real browser profile.
Installation
npx chrome-devtools-advanced-mcp --port=9223Security Notes
The server provides extensive control over the local browser, including arbitrary JavaScript execution (`execute_script`), CSS/JS injection (`inject_css_global`, `inject_js_global`), and direct manipulation of network requests/responses. It also uses `child_process.spawn` and `execAsync` for system commands to manage browser processes and profiles (e.g., `robocopy`, `rsync`, `powershell`). The Chrome debugging port is exposed (default 9222/9223) and `--remote-allow-origins=*` is used by default, which is permissive. While designed for advanced AI interaction, these capabilities present significant security risks if the AI agent is compromised or instructed maliciously, potentially leading to arbitrary code execution within the browser's context or on the user's system (via OS commands). The 'Shadow Profile' mitigates direct corruption of the default profile but does not prevent browser-based attacks.
Similar Servers
mcp-chrome
Transforms the Chrome browser into an AI-controlled automation tool, enabling large language models to interact with web pages, analyze content, and manage browser functions.
mcp-shark
Aggregate multiple Model Context Protocol (MCP) servers into a single unified interface with a powerful monitoring UI.
context-engineering
Provides a Model Context Protocol (MCP) server that enables AI agents to control a web browser using Selenium for web automation tasks.
firefox-devtools-mcp
Automates Firefox browser via WebDriver BiDi (through Selenium WebDriver) to interact with web pages, capture snapshots, monitor network/console, and perform user interactions.