Model Context Protocol high risk

Browser Kit

Enables AI assistants to control web browsers, automating tasks and accessing web content, but requires careful security considerations due to its broad access.

Connections & Capabilities

Connects To

GitHub

Capabilities

readwriteexec

Quickstart

Config

{
	"mcpServers": {
		"browser-kit": {
			"command": "npx",
			"args": ["@mcp-browser-kit/server"]
		}
	}
}

Exposed MCP Tools (5)

moderate

browse_url

Opens a specified URL in the browser.

Opening untrusted URLs can lead to security risks.

safe

get_page_content

Retrieves the HTML content of the current page.

Read-only access to page content.

high

click_element

Clicks on a specified element on the current page.

Can trigger actions with real-world consequences.

high

fill_form

Fills out a form on the current page with provided data.

Can submit sensitive information or trigger unintended actions.

critical

execute_javascript

Executes arbitrary JavaScript code in the context of the current page.

Allows arbitrary code execution, potentially leading to full browser control.

Safety Assessment

MCP Browser Kit offers powerful browser automation capabilities, but its lack of authentication and broad access make it risky. It should only be used in isolated environments with non-sensitive data until proper security measures are implemented. The alpha stage warning should be heeded.

Requires manual extension installation, preventing automatic deployment.
User notes emphasize the importance of using a separate browser profile.
Ports are recommended to be restricted to the local device network.
Provides compatibility information for different browsers and extension builds.

Lacks authentication for incoming requests, posing a significant security risk.
Allows AI to interact with and potentially modify web content.
Broad access to browser functionality can expose sensitive data.
No built-in sandboxing to limit the extension's capabilities.
Potential for unintended exposure of data to AI model providers.