mcp-server-website
by carlos19772023
Overview
Captures and processes web page screenshots and screencasts, optimized for large language model (LLM) vision APIs by tiling and resizing.
Installation
npm run serveEnvironment Variables
- LOG_LEVEL
- NODE_ENV
Security Notes
The server is highly insecure due to running Puppeteer with the `--no-sandbox` flag and accepting arbitrary JavaScript code (via `jsEvaluate` and `jsCommand` parameters) to be executed on navigated web pages. This combination creates a critical remote code execution (RCE) vulnerability, allowing an attacker to execute arbitrary code on the host machine if the browser process is compromised. The server also acts as a browser automation proxy, navigating to arbitrary URLs, which can be exploited for Server-Side Request Forgery (SSRF) or other network attacks if publicly exposed. Furthermore, the provided README links to a direct `.zip` file download from an untrustworthy-looking GitHub user account (`carlos19772023/mcp-server-website`) rather than the project's stated repository (`just-every/mcp-screenshot-website-fast`), which is a significant red flag suggesting potential misdirection or distribution of altered software.
Similar Servers
mcp-server-browserbase
Enables LLMs to perform cloud browser automation tasks such as navigating, interacting with elements, extracting data, and capturing screenshots on web pages.
Peekaboo
macOS automation server that integrates AI for screen capture analysis, UI interaction, and agentic workflows.
computer-use-mcp
This server allows an AI model, such as Claude, to control a user's computer by interacting with the desktop GUI through mouse, keyboard, and screen capture actions.
AgentBoard
Integrates AI agents with browser capabilities, enabling interaction with web pages and external Model Context Protocol (MCP) servers through a suite of specialized tools for tasks like content extraction and web automation.