blueprint-mcp
Verified Safeby railsblueprint
Overview
Enables AI assistants to control a real browser (Chrome, Firefox, Opera) through a browser extension, ideal for interacting with logged-in sessions and avoiding bot detection.
Installation
npx @railsblueprint/blueprint-mcp@latestEnvironment Variables
- AUTH_BASE_URL
- MCP_PORT
- DEBUG
- STEALTH_MODE
Security Notes
The server design uses a browser extension for automation, which inherently involves executing JavaScript in the browser context via DevTools Protocol (`Runtime.evaluate`). This means the AI agent effectively has the ability to run arbitrary JavaScript on the web pages it controls. The default local WebSocket connection (`127.0.0.1:5555`) is secure. The PRO tier uses OAuth2 authentication for cloud relay connections, with tokens stored securely using file locking (`proper-lockfile`). JWTs are decoded by the client but not validated, relying on the relay server for validation, which is an appropriate separation of concerns. No obfuscation or obvious malicious patterns were found in the provided code. The project is transparent about the inherent security implication of giving AI control over a browser.
Similar Servers
mcp-server-browserbase
Enables LLMs to perform cloud browser automation tasks such as navigating, interacting with elements, extracting data, and capturing screenshots on web pages.
mcp
This server provides Hyperbrowser's Model Context Protocol (MCP) interface, offering tools for web scraping, structured data extraction, crawling, and general-purpose browser automation using AI agents like OpenAI's CUA and Anthropic's Claude Computer Use.
AgentBoard
Enhances web browsing with AI-driven automation, allowing LLMs to interact with web pages, extract content, and execute custom tools.
flowlens-mcp-server
Provides coding agents with full browser context from recorded user flows for debugging and regression testing.