agent-jake-browser-mcp-server

The server's primary function is to act as a conduit for AI agents to control a Chrome browser through a companion extension. A critical security aspect is the `browser_evaluate` tool, which allows an AI agent to execute arbitrary JavaScript code within the browser context. While this execution happens in the browser (not on the Node.js server), it enables full control over any visited web page, including data exfiltration, DOM manipulation, or malicious network requests originating from the browser. The server uses WebSockets on `127.0.0.1` and stdio JSON-RPC, limiting direct external network exposure to the server itself. However, if the AI agent or the host system running it is compromised, this server provides a powerful vector for malicious browser actions. The `killProcessOnPort` utility uses system-level commands (`lsof`, `process.kill`) which, while intended for clean shutdown, represent elevated capabilities. Overall, the system's security is heavily dependent on the trustworthiness of the AI agent and the local environment it operates in; it is a powerful tool with inherent risks if misused.