lighthouse-mcp-server
Verified Safeby danielsogl
Overview
Provides comprehensive web performance, accessibility, SEO, and security auditing capabilities using Google Lighthouse for LLMs and AI agents.
Installation
npx @danielsogl/lighthouse-mcp@latestSecurity Notes
The server's core functionality involves launching a Chromium browser and navigating to user-provided URLs, which introduces inherent risks of external content. The `src/schemas.ts` file includes URL validation to restrict protocols to HTTP/HTTPS and prevent common malicious URL patterns like `javascript:`. Chrome is launched with hardening flags `--headless`, `--no-sandbox`, and `--disable-dev-shm-usage`. The `--no-sandbox` flag disables Chrome's sandbox, which is a security feature, but is often a necessary concession when running in containerized environments or certain server setups. No explicit 'eval' usage, obfuscation, or hardcoded secrets were identified. The `SECURITY.md` outlines responsible disclosure and recommended security practices for deployment.
Similar Servers
mcp-omnisearch
A Model Context Protocol (MCP) server that provides unified access to multiple search providers, AI tools, and content processing/enhancement features through a single interface.
goku
Goku is an HTTP load-testing tool designed for benchmarking and performance analysis of web services; the MCP server allows LLM agents to programmatically interact with this load testing functionality.
tmcp
Build Model Context Protocol (MCP) servers for AI agents to interact with external tools and data sources, enabling LLMs to access context and perform actions.
mcp-interviewer
A Python CLI tool designed to evaluate, test, and generate reports on Model Context Protocol (MCP) servers to ensure compatibility and quality for LLM agent use cases.