webclaw
WebClaw is a WebMCP-native browser automation agent implemented as a Chrome extension plus an MCP server (invoked via stdio). It controls a real, user-logged-in Chrome instance to navigate pages, take accessibility-tree snapshots, and interact with elements via stable @ref labels. It can also bridge to WebMCP tools declared by pages.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Security posture cannot be fully assessed from the README alone. The system operates inside a real Chrome profile (cookies/logins), which increases risk if the agent is misused. It includes an evaluate tool (JS execution in page context), which can access sensitive in-page data and potentially interact with local session state. No auth/scopes model is described, implying broad local control once started. TLS usage for the local WebSocket bridge is not specified; local transport is likely used, but explicit guarantees are not documented.
⚡ Reliability
Best When
You want an AI agent to operate inside your existing Chrome session (cookies, logins, extensions) and you can accept local automation risk to the user’s browser profile.
Avoid When
Avoid using it in contexts where running JS in the page context, interacting with sensitive sites, or granting an agent broad browser control is unacceptable.
Use Cases
- • Agentic browsing for personal productivity (search, read, fill forms, click flows)
- • QA/testing workflows that require a real logged-in browser session
- • Accessibility-focused automation using an accessibility tree rather than pixels/CSS selectors
- • WebMCP-enabled sites tool discovery and invocation
- • Multi-session control by running multiple MCP server instances and connecting them to the extension
Not For
- • Headless-only or server-side browsing use cases where Chrome extension support is unavailable
- • Highly security-sensitive environments without careful risk controls (it can execute page JavaScript via evaluate)
- • Use cases requiring strict guarantees of non-interference with user sessions (it operates within the real user’s Chrome profile)
Interface
Authentication
No explicit user-facing auth/authorization model is described in the README; access appears to be local-process based (your agent config starts the server; the extension attaches to local MCP servers over a local WebSocket).
Pricing
Pricing information is not provided in the supplied content; appears to be an open-source MIT project distributed via npm/repo/release extension zip.
Agent Metadata
Known Gotchas
- ⚠ Content scripts only inject into http(s) pages (not chrome://, file://, etc.)
- ⚠ Chrome must have the extension loaded; if the first tool call fails, start Chrome manually with the extension loaded
- ⚠ Port conflicts: WebClaw scans 18080–18089 unless WEBCLAW_PORT is set
- ⚠ WebMCP native tool discovery requires Chrome 146+ with navigator.modelContext; pages must declare tools
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for webclaw.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-03-30.