Server data from the Official MCP Registry
Hosted real Google Chrome MCP with per-user persistent state. Navigate, click, type, screenshot.
Hosted real Google Chrome MCP with per-user persistent state. Navigate, click, type, screenshot.
Remote endpoints: streamable-http: https://browser.regiq.in/api/mcp
browser-mcp is a hosted browser automation MCP server with reasonable security fundamentals. Authentication is properly enforced via Bearer tokens, credentials are encrypted with AES-256-GCM, and per-user session isolation is implemented. However, there are notable concerns: password handling during save operations lacks input validation/length limits, credential deletion lacks proper authorization checks, and the stealth evasion script could enable unauthorized web scraping or manipulation of protected sites. Supply chain analysis found 7 known vulnerabilities in dependencies (0 critical, 2 high severity).
7 files analyzed · 15 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Available as Local & Remote
This plugin can run on your machine or connect to a hosted endpoint. during install.
From the project's GitHub README.
Hosted Chrome as an MCP skill. Give any MCP-compatible agent (Claude Desktop, Cursor, custom scripts) a real Chromium browser to drive — navigate, click, type, snapshot, read pages, take screenshots. Human-like behaviour, per-user isolated sessions, encrypted credential storage so login-gated sites work without leaking passwords to the LLM.
use_credentials types the password into the page server-side; the LLM never sees it.Hosted at browser.regiq.in.
Visit https://browser.regiq.in and sign in with Google or GitHub.
Generate an MCP API key on the dashboard.
Add to Claude Desktop's claude_desktop_config.json:
{
"mcpServers": {
"browser": {
"url": "https://browser.regiq.in/api/mcp",
"headers": {
"Authorization": "Bearer YOUR_KEY_HERE"
}
}
}
}
Restart Claude Desktop. Ask it: "open workit.info and search for placements in Cambridge." Your agent will call the browser tools and drive the page.
| Tool | Purpose |
|---|---|
browser_new_session() | Spin up a session; returns sessionId. 15 min idle timeout. |
browser_close_session(sessionId) | Clean up. |
browser_navigate(sessionId, url) | Go to URL, wait for DOMContentLoaded. |
browser_snapshot(sessionId) | Accessibility tree with per-element uids. |
browser_click(sessionId, uid) | Click element by uid. |
browser_type(sessionId, uid, text) | Fill input by uid. |
browser_press_key(sessionId, key) | Keyboard press: Enter, Tab, Control+A, etc. |
browser_wait_for(sessionId, selector) | Wait for CSS selector to appear. |
browser_read_page(sessionId) | Plain-text page content (20 KB cap). |
browser_screenshot(sessionId) | PNG as base64. |
save_credentials(domain, username, password) | Encrypt + store login for a site. |
use_credentials(sessionId, domain, usernameSelector, passwordSelector) | Type stored creds into a login form. Password never returned. |
list_saved_credentials() | See what's stored (domains + usernames only). |
Your agent sees a login form. Flow:
list_saved_credentials().use_credentials(sessionId, "workit.info", "input[name=email]", "input[type=password]"). Server decrypts + types. Then click the submit button.For MVP the user has to save creds via the dashboard. v0.2 will let the agent request creds through a paired channel (e.g. via telegram-mcp).
You'll need:
ngrok http 3013)git clone https://github.com/globalion/browser-mcp
cd browser-mcp
cp .env.example .env
# fill NEXTAUTH_SECRET, GOOGLE_/GITHUB_*, PUBLIC_BASE_URL,
# and generate CRED_ENCRYPTION_KEY with `openssl rand -hex 32`
docker compose up -d
# open http://localhost:3013
Your MCP agent → /api/mcp (Bearer auth) → In-memory session Map → Playwright BrowserContext
↕
Postgres (audit + credentials, AES-256-GCM)
Sessions live in the container's memory. A restart kills all active sessions — users just call browser_new_session again. Contexts auto-close after 15 min idle to free RAM.
The stealth init script strips navigator.webdriver, adds fake plugins, exposes window.chrome.runtime, and patches the notifications permission oddity. Combined with a real Chromium binary (not headless-only) and realistic viewport/UA/timezone, that gets past most public sites.
Sites with serious anti-bot (Cloudflare Turnstile, PerimeterX, DataDome) will still detect. To bypass those you need:
That's v0.2 territory. For now, use browser-mcp on sites that aren't actively hunting bots.
MIT.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.