webmcp-bridge
webmcp-bridge provides a local stdio MCP server that proxies MCP tool calls into a browser session running WebMCP. It prefers native WebMCP via the page’s `navigator.modelContext`, and falls back to injected adapter shims when native WebMCP isn’t available, using Playwright to drive the browser page.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Strengths: avoids credential vaulting/auth bypass by operating within an authenticated browser session; includes a user-facing use policy discouraging scraping/abuse. Risks/uncertainties: the bridge can automate user-authorized actions and run injected adapters; if misused, it could facilitate unauthorized automation. Details on TLS usage, dependency vulnerabilities, and structured error codes are not provided in the supplied content; scope granularity for tool authorization is not described.
⚡ Reliability
Best When
You want a stable local MCP interface to browser-only WebMCP capabilities while keeping the authenticated browser context and optionally supporting headed collaboration.
Avoid When
You need a server-to-server API with strong built-in auth guarantees, or you require formal uptime/SLA and enterprise operational guarantees from the provider.
Use Cases
- • Connect a local MCP client to native WebMCP-capable websites in the same logged-in browser session
- • Use fallback WebMCP adapters on sites that don’t expose native WebMCP
- • Enable AI agents to collaborate with humans on the same browser/WebMCP surface (e.g., board demo)
- • Run integration/contract tests using deterministic fixture adapters
Not For
- • Unauthorized data collection or bulk scraping
- • Bypassing access controls, rate limits, or platform restrictions
- • Credential theft or moving credentials out of the browser session
- • Automating sites without user authorization or violating site terms
Interface
Authentication
The README states the tool assumes users are already authenticated in the browser session; it also notes it does not implement credential vaulting or auth bypass.
Pricing
No pricing information provided in the supplied README/repo metadata.
Agent Metadata
Known Gotchas
- ⚠ Requires Playwright installation and browser binaries (`npx playwright install`) before use.
- ⚠ Assumes authenticated browser session; if auth state is missing/expired, tool calls may fail until the user completes a headed sign-in.
- ⚠ Bridge-managed headless vs headed mode can differ after reattachment; if the site is sensitive to fingerprint/headed/headless switching, use separate profiles.
- ⚠ Session/profile reuse is important: `uxc` links intended to reuse the same daemon/session; running two modes concurrently may not be supported for all sites.
- ⚠ Adapter behavior depends on the target site and the adapter shim; failures may be adapter-specific rather than pure WebMCP failures.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for webmcp-bridge.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.