playwright-mcp-server
Verified Safeby alexrwilliam
Overview
Provides a robust, token-aware Playwright browser automation server for Large Language Models (LLMs) and coding agents to interact with web content, supporting advanced features like anti-detection and multi-page management.
Installation
playwright-mcp stdioEnvironment Variables
- MCP_SESSION_ID
- PLAYWRIGHT_BROWSERS_PATH
Security Notes
The server itself does not contain obvious malicious patterns or hardcoded secrets. It employs `_resolve_artifact_path` to mitigate directory traversal for artifact access. However, its core functionality includes the `evaluate` tool, which executes arbitrary JavaScript within the browser context, and `intercept_route` for network modification. These powerful capabilities, if controlled by a compromised or malicious agent, could be leveraged for browser-side attacks (e.g., data exfiltration, XSS, bypassing security measures). Running the HTTP server on '0.0.0.0' by default also poses a network exposure risk if not properly secured, necessitating external firewalling or network isolation.
Similar Servers
playwright-mcp
Provides a Model Context Protocol (MCP) server for LLMs to automate browser interactions using Playwright's accessibility tree, avoiding pixel-based vision models.
fetcher-mcp
This MCP server is designed for fetching web page content using a Playwright headless browser, enabling intelligent content extraction, JavaScript execution, and flexible output formats.
qa-use
Provides comprehensive browser automation and QA testing capabilities, integrating with a backend platform for automated tests, interactive debugging, and batch test execution.
fetcher-mcp
Fetching and processing web page content (HTML to Markdown) using a headless browser for AI-driven applications.