tabnab
Verified Safeby clduab11
Overview
Provides AI agents with authenticated access to a real Chrome browser session for web navigation, content extraction, and automation without sharing passwords.
Installation
node /absolute/path/to/tabnab/dist/mcp/index.jsEnvironment Variables
- CHROME_DEBUG_PORT
- TABNAB_POLICY_CONFIG_PATH
- TABNAB_ALLOWED_DOMAINS
- TABNAB_ALLOWED_PATH_PREFIXES
- TABNAB_CONFIRMATION_MODE
- TABNAB_AUDIT_LOG_PATH
- TABNAB_MAX_STEPS
- TABNAB_AUDIT_LOG_SELECTOR_MODE
Security Notes
The project demonstrates strong security awareness. It operates locally, connects only to `localhost` Chrome via CDP, and implements robust policy enforcement including a domain allowlist, confirmation prompts for sensitive actions, and prompt injection detection. Audit logging with sensitive data redaction is also in place. No 'eval' or obvious malicious patterns were found. Requires user to trust the AI agent and follow best practices outlined in `SECURITY.md`.
Similar Servers
mcp-server-browserbase
Enables LLMs to perform cloud browser automation tasks such as navigating, interacting with elements, extracting data, and capturing screenshots on web pages.
blueprint-mcp
Enable AI assistants and coding agents to control and automate real web browsers (Chrome, Firefox, Opera) through a browser extension, maintaining logged-in sessions and avoiding bot detection.
headless-browser-tool
This project provides a Ruby-based tool for automating web interactions using a headless browser, potentially integrated with an AI or automation orchestration system.
puppeteer-mcp-server
Automating browser interactions and web scraping via an MCP server.