{"id":"kuroko1t-webclaw","name":"webclaw","homepage":"https://github.com/kuroko1t/webclaw","repo_url":"https://github.com/kuroko1t/webclaw","category":"devtools","subcategories":[],"tags":["ai-agent","browser-automation","chrome-extension","mcp","webmcp","accessibility-tree","automation"],"what_it_does":"WebClaw is a WebMCP-native browser automation agent implemented as a Chrome extension plus an MCP server (invoked via stdio). It controls a real, user-logged-in Chrome instance to navigate pages, take accessibility-tree snapshots, and interact with elements via stable @ref labels. It can also bridge to WebMCP tools declared by pages.","use_cases":["Agentic browsing for personal productivity (search, read, fill forms, click flows)","QA/testing workflows that require a real logged-in browser session","Accessibility-focused automation using an accessibility tree rather than pixels/CSS selectors","WebMCP-enabled sites tool discovery and invocation","Multi-session control by running multiple MCP server instances and connecting them to the extension"],"not_for":["Headless-only or server-side browsing use cases where Chrome extension support is unavailable","Highly security-sensitive environments without careful risk controls (it can execute page JavaScript via evaluate)","Use cases requiring strict guarantees of non-interference with user sessions (it operates within the real user’s Chrome profile)"],"best_when":"You want an AI agent to operate inside your existing Chrome session (cookies, logins, extensions) and you can accept local automation risk to the user’s browser profile.","avoid_when":"Avoid using it in contexts where running JS in the page context, interacting with sensitive sites, or granting an agent broad browser control is unacceptable.","alternatives":["Playwright with custom MCP/stdio bridge","browser-use style CDP automation (if acceptable to not use the real user session)","Selenium/WebDriver with an agent layer","Direct WebMCP clients (where supported) without a Chrome extension agent layer"],"af_score":65.2,"security_score":30.2,"reliability_score":23.8,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T15:40:01.303642+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["Local stdio MCP server (npx webclaw-mcp) + WebSocket bridge to local Chrome extension"],"oauth":false,"scopes":false,"notes":"No explicit user-facing auth/authorization model is described in the README; access appears to be local-process based (your agent config starts the server; the extension attaches to local MCP servers over a local WebSocket)."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Pricing information is not provided in the supplied content; appears to be an open-source MIT project distributed via npm/repo/release extension zip."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":65.2,"security_score":30.2,"reliability_score":23.8,"mcp_server_quality":78.0,"documentation_accuracy":78.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":95.0,"rate_limit_clarity":0.0,"tls_enforcement":40.0,"auth_strength":20.0,"scope_granularity":10.0,"dependency_hygiene":35.0,"secret_handling":50.0,"security_notes":"Security posture cannot be fully assessed from the README alone. The system operates inside a real Chrome profile (cookies/logins), which increases risk if the agent is misused. It includes an evaluate tool (JS execution in page context), which can access sensitive in-page data and potentially interact with local session state. No auth/scopes model is described, implying broad local control once started. TLS usage for the local WebSocket bridge is not specified; local transport is likely used, but explicit guarantees are not documented.","uptime_documented":0.0,"version_stability":35.0,"breaking_changes_history":20.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":"The tools described include actions with side effects (click/type/drop_files/evaluate). No explicit idempotency guarantees are documented.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["Content scripts only inject into http(s) pages (not chrome://, file://, etc.)","Chrome must have the extension loaded; if the first tool call fails, start Chrome manually with the extension loaded","Port conflicts: WebClaw scans 18080–18089 unless WEBCLAW_PORT is set","WebMCP native tool discovery requires Chrome 146+ with navigator.modelContext; pages must declare tools"]}}