mcp-chrome
mcp-chrome is a Chrome extension + MCP bridge that exposes Chrome browser capabilities (using the user’s existing Chrome session, tabs, browsing context, and login state) to AI assistants/clients via MCP tools over a local connection (streamable HTTP or stdio). It supports browser automation actions (navigate/click/type), browsing context management (tabs/windows/history/bookmarks), content extraction/analysis, screenshots, and network capture/request tooling.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security posture appears local-first and privacy-oriented, but the provided documentation shows (example) streamable HTTP over localhost without described auth. The toolset enables powerful browser actions (click/type/inject scripts, network capture with bodies), increasing risk of unintended actions if misused. README mentions pnpm postinstall-script controls for installation; no further guidance is provided on least-privilege, authorization, or secrets handling in logs.
⚡ Reliability
Best When
You want local, session-reusing browser automation by an MCP-capable agent for interactive research, content analysis, and task execution in your own browser environment.
Avoid When
You cannot tolerate agent-driven manipulation of a real, logged-in browser session (including injected scripts and clicks), or you need strong formal API contracts, documented error codes, and explicit rate-limit policies.
Use Cases
- • Let an LLM agent control an existing Chrome session to navigate and perform tasks
- • Extract and analyze page content or interactive elements for reasoning and summarization
- • Capture screenshots for visual inspection or documentation
- • Search across open tabs using semantic similarity
- • Monitor network traffic and/or issue custom HTTP requests from within the browser context
- • Manage bookmarks and query browsing history using agent workflows
Not For
- • Production environments requiring strict, auditable security boundaries for automated web access without user review
- • Use-cases that need fine-grained enterprise authorization/authentication and centralized policy enforcement
- • Environments where using an existing logged-in browser session is unacceptable
- • Workflows that require clear rate-limit guarantees or standardized HTTP API contracts
Interface
Authentication
README does not describe authentication/authorization for the MCP endpoints. The design appears local-first and relies on local connectivity and the user’s Chrome session state (including cookies/login).
Pricing
No pricing information for the software is provided in the provided content; repository is MIT-licensed and distributed via npm/releases.
Agent Metadata
Known Gotchas
- ⚠ Uses an existing logged-in Chrome session; agent mistakes can perform real actions (clicks, form fills, navigation, script injection).
- ⚠ Streamable HTTP example uses localhost with plaintext HTTP in documentation; ensure transport exposure is limited to localhost.
- ⚠ Network capture/debugger modes may require permissions and may be sensitive to browser version/extension state.
- ⚠ If stdio mode is used, the global package install path must be correctly located and configured.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for mcp-chrome.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-29.