Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

mcp-chrome

Control Chrome browser with AI using MCP protocol. Use when users want to automate browser tasks, take screenshots, fill forms, click elements, navigate page...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
2 · 481 · 2 current installs · 2 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (Chrome automation using MCP) matches the SKILL.md: it documents navigation, screenshots, form filling, history/bookmark access, and network capture. The capabilities requested are consistent with automating and interacting with an existing Chrome instance.
! Instruction Scope
The runtime instructions direct the user to install a global npm native bridge and load an unpacked Chrome extension that will connect to a local MCP server. Those components explicitly enable access to browsing history, bookmarks, existing login sessions (cookies), console output, and network request capture, all of which are highly sensitive. The SKILL.md does not instruct the agent to exfiltrate data, but it gives the skill the ability to read and act on personal data in the browser (and to send requests using browser cookies). There is no guidance in the document about limiting scope or auditing the extension/bridge code.
Install Mechanism
There is no formal install spec in the skill bundle, but SKILL.md instructs the user to install an npm package globally (mcp-chrome-bridger) and to load a Chrome extension from a GitHub Releases archive. npm and GitHub Releases are common distribution channels, but the referenced repo/author (femto/mcp-chrome) and package are not accompanied by provenance, integrity checks, or a homepage. Installing a global binary and an unpacked extension is persistent and can be abused if the source is untrusted.
! Credentials
The declared requirements list no environment variables or binaries, but the SKILL.md effectively requires installing software that will access browser internals (cookies, history, bookmarks) and run a local server. The skill requests broad, sensitive browser-level privileges that are proportionate to implementing 'use existing sessions' but are not explicitly declared or constrained in the metadata — there is a mismatch between the metadata (no credentials/config) and the real runtime privileges the extension + bridge will gain.
! Persistence & Privilege
Although always:false, the installation flow includes a persistent Chrome extension and a globally installed native bridge that can run a background local server (e.g., listening on localhost:12306). These create ongoing local presence and a long‑lived channel into the browser if left installed. The skill does not describe uninstall/verification steps or least-privilege controls.
What to consider before installing
This skill appears to do what it says (control your existing Chrome), but it requires installing an unpacked Chrome extension and a global native bridge that can read cookies, history, bookmarks, and capture network traffic — this is powerful and risky. Before installing:

  1. Verify the publisher and repository (inspect the GitHub repo and npm package author, recent commits, and issues).
  2. Review the extension and bridge source code (or ask a trusted reviewer) to confirm they do only the advertised MCP work and do not exfiltrate data.
  3. Load and test in a dedicated/sandbox Chrome profile with no sensitive logins or data (or in a disposable VM/container).
  4. Limit the agent's autonomy (require user invocation or disable automatic invocation) while you evaluate behavior.
  5. After testing, remove the extension and uninstall the global package if not needed.
  6. Prefer signed extensions or official store distribution and integrity checks (checksums, signatures).

If you cannot verify the code and provenance, treat this as high-risk and avoid installing it in your main browser profile.

Like a lobster shell, security has layers — review code before you run it.

Current version: v0.1.1

SKILL.md

Browser Automation (Chrome MCP Server)

Turn your Chrome browser into your intelligent assistant - Let AI take control of your browser.

When to Use This Skill

Use this skill when the user:

  • Wants to automate browser tasks (clicking, filling forms, navigating)
  • Needs to take screenshots of web pages or elements
  • Wants to extract content from web pages
  • Asks to search browsing history or manage bookmarks
  • Needs to monitor network requests
  • Wants AI to interact with websites using their existing login sessions

Installation

Step 1: Install the Native Bridge

npm install -g mcp-chrome-bridger
# or
pnpm install -g mcp-chrome-bridger
mcp-chrome-bridger register

Step 2: Install Chrome Extension

Download from GitHub Releases:

  1. Download mcp-chrome-extension-vX.X.X.zip
  2. Open Chrome → chrome://extensions/
  3. Enable "Developer mode"
  4. Click "Load unpacked" and select the extracted folder
  5. Click the extension icon → Click "Connect"

Step 3: Configure MCP Client

Add to your MCP client configuration:

Streamable HTTP (Recommended):

{
  "mcpServers": {
    "chrome-mcp-server": {
      "type": "http",
      "url": "http://127.0.0.1:12306/mcp"
    }
  }
}

STDIO (Alternative):

{
  "mcpServers": {
    "chrome-mcp-server": {
      "command": "npx",
      "args": ["mcp-chrome-bridger", "stdio"]
    }
  }
}
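
An added example (not part of SKILL.md or the mcp-chrome project): a check to run against the extracted folder's manifest before Step 2's "Load unpacked", listing the permissions behind the capabilities the scan above names (cookies, history, bookmarks, network capture, native bridge). The permission names are standard Chrome extension permissions; the risk labels and the sample manifest are constructed, since this page does not show the extension's actual manifest.

```javascript
// Added example: audit an unpacked extension's manifest.json before loading it.
// Keys are standard Chrome extension permissions; risk labels are this example's.
const SENSITIVE = new Map([
  ["cookies", "read/modify cookies (existing login sessions)"],
  ["history", "read browsing history"],
  ["bookmarks", "read/modify bookmarks"],
  ["webRequest", "observe network requests"],
  ["debugger", "attach the DevTools protocol (network, console, DOM)"],
  ["nativeMessaging", "exchange messages with a native host process"],
  ["scripting", "inject scripts into pages"],
  ["tabs", "read the URL and title of every tab"],
]);
// Host patterns that cover every site: <all_urls>, *://*/*, http(s)://*/*
const BROAD_HOST = /^(<all_urls>|(\*|https?):\/\/\*\/)/;

function auditManifest(manifest) {
  const findings = [];
  const list = (v) => (Array.isArray(v) ? v : []);
  // MV2 mixes host patterns into "permissions"; MV3 moves them to "host_permissions".
  for (const key of ["permissions", "optional_permissions",
                     "host_permissions", "optional_host_permissions"]) {
    for (const perm of list(manifest[key])) {
      if (SENSITIVE.has(perm)) {
        findings.push({ source: key, value: perm, risk: SENSITIVE.get(perm) });
      } else if (typeof perm === "string" && BROAD_HOST.test(perm)) {
        findings.push({ source: key, value: perm, risk: "access to every site" });
      }
    }
  }
  // Content scripts get page access through "matches", not through permissions.
  for (const cs of list(manifest.content_scripts)) {
    for (const pattern of list(cs && cs.matches)) {
      if (typeof pattern === "string" && BROAD_HOST.test(pattern)) {
        findings.push({ source: "content_scripts", value: pattern,
                        risk: "script injected on every site" });
      }
    }
  }
  return findings;
}

// Constructed sample manifest (not taken from the mcp-chrome release archive).
const sampleManifest = {
  manifest_version: 3,
  permissions: ["storage", "cookies", "history", "bookmarks", "debugger", "nativeMessaging"],
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["https://example.com/*"], js: ["content.js"] }],
};
for (const f of auditManifest(sampleManifest)) console.log(`${f.source}: ${f.value} -> ${f.risk}`);
```

To audit a real download, pass the parsed contents of the extracted folder's manifest.json to auditManifest. An empty result only means the manifest requests none of the listed permissions; it does not replace reviewing the extension and bridge source.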

Available Tools (20+)

Browser Management

Tool | Description
get_windows_and_tabs | List all browser windows and tabs
chrome_navigate | Navigate to URLs, control viewport
chrome_switch_tab | Switch active tab
chrome_close_tabs | Close specific tabs
chrome_go_back_or_forward | Browser history navigation

Screenshots

Tool | Description
chrome_screenshot | Capture full page, viewport, or specific elements

Content Analysis

Tool | Description
chrome_get_web_content | Extract HTML/text from pages
chrome_get_interactive_elements | Find clickable elements
search_tabs_content | AI-powered semantic search across tabs
chrome_console | Capture browser console output

Interaction

Tool | Description
chrome_click_element | Click elements via CSS selector
chrome_fill_or_select | Fill forms and select options
chrome_keyboard | Simulate keyboard input

Data Management

Tool | Description
chrome_history | Search browsing history
chrome_bookmark_search | Find bookmarks
chrome_bookmark_add | Add new bookmarks
chrome_bookmark_delete | Delete bookmarks

Network

Tool | Description
chrome_network_capture_start/stop | Monitor network requests
chrome_network_request | Send HTTP requests with browser cookies

Example Usage

Navigate and Screenshot

User: "Take a screenshot of github.com"

AI uses:
1. chrome_navigate(url: "https://github.com")
2. chrome_screenshot(fullPage: true)

Fill a Form

User: "Login to my account on example.com"

AI uses:
1. chrome_navigate(url: "https://example.com/login")
2. chrome_fill_or_select(selector: "#email", value: "user@example.com")
3. chrome_fill_or_select(selector: "#password", value: "...")
4. chrome_click_element(selector: "button[type=submit]")

Search History

User: "Find all pages I visited about React hooks last week"

AI uses:
1. chrome_history(text: "React hooks", startTime: "1 week ago")

Extract Content

User: "What does this page say about pricing?"

AI uses:
1. chrome_get_web_content()
2. Analyzes the extracted content

Advantages Over Playwright

Feature | Playwright MCP | Chrome MCP Server
Browser Instance | New browser process | Your existing Chrome
Login Sessions | Need to re-login | Uses existing sessions
User Settings | Clean environment | Your bookmarks, extensions, settings
Startup Time | Slow (launch browser) | Instant (extension already loaded)
Resource Usage | Heavy | Lightweight

Multi-Client Support

Multiple AI clients can connect simultaneously:

  • Claude Code
  • Cursor
  • Kiro
  • Any MCP-compatible client

Each client gets its own session while sharing the same Chrome browser.

Troubleshooting

Extension Not Connecting

  1. Check extension is enabled in chrome://extensions/
  2. Click extension icon → Verify "Connected" status
  3. Restart Chrome if needed

Port Already in Use

The server automatically handles port conflicts. If issues persist:

lsof -i :12306
kill <PID>

Resources
