{"id":"epiral-bb-browser","name":"bb-browser","homepage":null,"repo_url":"https://github.com/epiral/bb-browser","category":"automation","subcategories":[],"tags":["devtools","automation","api","mcp","browser-automation","ai-agents","cli","chrome-extension","cdp"],"what_it_does":"bb-browser is a CLI (and optional Chrome extension/daemon) plus an MCP server wrapper that lets AI agents control a real Chrome browser session using the user’s existing login state. It can run browser automation (click/fill/eval/fetch/network/screenshot) and provides “site adapters” (one JS file per command) to perform site-specific actions like search, feeds, transcripts, summaries, and more, returning results as JSON when requested.","use_cases":["Agentic web research across many sites using existing authenticated sessions","Building chat/agent workflows that need interactive browser actions (search, navigation, scraping-like data extraction) without APIs","Retrieving authenticated content such as social feeds, watchlists, and transcripts","Generating structured outputs for downstream processing via --json and --jq"],"not_for":["Use as a general-purpose headless web-scraping tool for arbitrary unauthenticated targets","Operations requiring strict compliance boundaries around automated access or sensitive personal data handling","Workloads that need strong idempotency/transactional guarantees (browser actions are stateful)"],"best_when":"You have a user-owned Chrome login session and need an agent to interact with complex, auth-gated web UIs and extract results into structured JSON.","avoid_when":"You cannot securely handle user credentials/session state, need fine-grained permissioning beyond what the user browser already has, or require clear published rate-limit/error-contracts for reliable automation.","alternatives":["Playwright/Selenium with your own login automation","Authenticated API wrappers provided by the target services","Browserless/headless browser services with session support","Specialized scraping frameworks per site (often more brittle)"],"af_score":56.2,"security_score":36.0,"reliability_score":28.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-29T18:05:35.878721+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":true,"sdk_languages":["Node.js","TypeScript","JavaScript"],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Uses existing browser login state (cookies/session)","MCP integration via CLI invocation (no OAuth described)"],"oauth":false,"scopes":false,"notes":"Authentication is effectively whatever permissions the user’s logged-in Chrome session already has; bb-browser itself does not appear to introduce a separate OAuth flow or scope model in the provided README."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided in the supplied content."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":56.2,"security_score":36.0,"reliability_score":28.8,"mcp_server_quality":65.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":85.0,"rate_limit_clarity":20.0,"tls_enforcement":60.0,"auth_strength":35.0,"scope_granularity":10.0,"dependency_hygiene":55.0,"secret_handling":25.0,"security_notes":"Security is primarily tied to the user’s existing authenticated browser session; there is no explicit scope/permission model beyond what the browser session permits. The daemon can bind to public interfaces (0.0.0.0) which increases exposure risk if not protected. The README does not describe how session secrets/cookies are stored, redacted from logs, or encrypted, nor does it document threat model controls for eval/injection capabilities.","uptime_documented":0.0,"version_stability":45.0,"breaking_changes_history":40.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":"Most commands drive a real browser and are inherently stateful (e.g., searches/opens are fine; posting/commenting or navigation with side effects would be non-idempotent). The README does not document idempotency guarantees or safe retry semantics.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Statefulness: actions depend on the user’s current browser session and UI state","Network/content variability: adapters may break when a site changes","SSO/2FA prompts can block automation until user re-authenticates","Running with --host 0.0.0.0 exposes the daemon to the network; remote access should be tightly controlled"]}}