puppeteer-mcp-server
Verified Safeby sultannaufal
Overview
Automating browser interactions and web scraping via an MCP server.
Installation
docker compose --env-file .env up -dEnvironment Variables
- API_KEY
Security Notes
The `puppeteer_evaluate` tool allows executing arbitrary JavaScript code in the browser, which is an inherent security risk, even with input validation. The `allowDangerous` flag in `puppeteer_navigate` can also expose the browser to less secure configurations if explicitly enabled. However, the project implements robust security measures including API key authentication, URL, script, and selector safety validations, Helmet.js, CORS, rate limiting, and runs Puppeteer in a sandboxed, non-root Docker environment. Binary image serving is not authenticated but relies on temporary, UUID-based URLs and automatic cleanup.
Similar Servers
firecrawl-mcp-server
A Model Context Protocol (MCP) server for integrating Firecrawl's web scraping, crawling, search, and structured data extraction capabilities with AI agents.
fetcher-mcp
This MCP server is designed for fetching web page content using a Playwright headless browser, enabling intelligent content extraction, JavaScript execution, and flexible output formats.
fetcher-mcp
Fetching and processing web page content (HTML to Markdown) using a headless browser for AI-driven applications.
runautomation-mcpserver
A comprehensive Playwright-based Model Context Protocol (MCP) server designed for AI assistants to perform web testing, browser automation, and quality assurance tasks through natural language commands.