browsermcp/mcp
MCP server plus extension that automates the user's own local Chrome browser.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for browsermcp/mcp, derived from its capabilities.
AIVSS 8.8 · High
View MAESTRO 7-layer threat model →Overview
Browser MCP pairs an MCP server with a Chrome extension so agents can control the user's real, logged-in browser tab. It reuses existing sessions and cookies to act as the user. This gives broad access to authenticated sites, making scope control and page-content trust critical security concerns.
Key features
- Controls the user's real Chrome
- Reuses existing logins and cookies
- Local-first, no cloud
- Click, type, navigate, read
Use cases
- Automating authenticated web workflows
- Local browser task automation