npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@mindstone/mcp-server-browser-automation

v0.1.8

Published

Browser automation MCP server — visible-by-default browser control via accessibility snapshots, navigation, form filling, screenshots, and tab management. Set AGENT_BROWSER_SHOW_WINDOW=false to run quietly.

Readme

@mindstone/mcp-server-browser-automation

npm version License: FSL-1.1-MIT

Browser control you can watch: open pages, sign in, click around, fill forms, take screenshots, and keep a reusable browser session.

Best for practical web tasks where the user needs to see, approve, or reuse browser state instead of running a full browser-testing stack.

Status

Why this exists

Microsoft's Playwright MCP is a strong choice for broad browser automation and testing. This connector is deliberately smaller and more visible.

Use it when an assistant needs to work through ordinary websites in a way a person can follow: open a real browser, let the user complete a login, click through admin screens, fill forms, take screenshots, and come back to the same session later. The point is trust and day-to-day usefulness, not exposing every browser-testing capability.

Example interaction

"Open https://example.com, tell me the page title, and take a screenshot."

Tools the host calls:

  1. browser_navigate — opens the URL in the configured browser session.
  2. browser_get_page_info — returns the current URL and page title.
  3. browser_screenshot — captures a PNG screenshot.

Response (trimmed):

{
  "ok": true,
  "url": "https://example.com/",
  "title": "Example Domain"
}

Requirements

  • Node.js 20+
  • npm
  • The agent-browser CLI on PATH, or npx available so the server can install it automatically.

One-click install

Add to Cursor Add to VS Code Add to VS Code Insiders

After clicking the button, your host will prompt you to fill: AGENT_BROWSER_SESSION_NAME, AGENT_BROWSER_SHOW_WINDOW.

{
  "mcpServers": {
    "Browser Automation": {
      "command": "npx",
      "args": [
        "-y",
        "@mindstone/mcp-server-browser-automation"
      ],
      "env": {
        "AGENT_BROWSER_SESSION_NAME": "mcp",
        "AGENT_BROWSER_SHOW_WINDOW": "true"
      }
    }
  }
}

Quick Start

npx

npx -y @mindstone/mcp-server-browser-automation

Or install globally:

npm install -g @mindstone/mcp-server-browser-automation
mcp-server-browser-automation

This server requires the agent-browser CLI binary to control the browser.

Binary Resolution

  1. PATH lookup (preferred): If agent-browser is on your PATH, it is used directly.
  2. npx fallback: If the binary is not found, the server automatically falls back to npx -y [email protected].

Installing agent-browser

npm install -g agent-browser

Or let the npx fallback handle it automatically (slower on first use due to download).

Configuration

No API keys or credentials are required. The server communicates with the browser via the agent-browser CLI.

| Variable | Required | Description | |---|---|---| | AGENT_BROWSER_SESSION_NAME | No | Session name for browser persistence (default: mcp) | | AGENT_BROWSER_SHOW_WINDOW | No | Set to false to run without a visible browser window. Default is visible (true). | | BROWSER_AUTOMATION_ALLOW_EVAL | No | Set to 1 to register the browser_evaluate tool. Off by default. See Security notes. |

MCP Host Configuration

{
  "mcpServers": {
    "browser-automation": {
      "command": "npx",
      "args": ["-y", "@mindstone/mcp-server-browser-automation"]
    }
  }
}

Available Tools (17 by default; +1 when BROWSER_AUTOMATION_ALLOW_EVAL=1)

Navigation

  • browser_navigate — Navigate to a URL
  • browser_back — Navigate back in browser history
  • browser_forward — Navigate forward in browser history
  • browser_wait — Wait for an element to appear or a specified time

Observation

  • browser_snapshot — Get the page accessibility tree with interactive element references
  • browser_screenshot — Take a screenshot of the current page
  • browser_get_page_info — Get the current page URL and title

Interaction

  • browser_click — Click an element using @ref or CSS selector
  • browser_fill — Clear a field and fill it with text
  • browser_type — Type text character by character (real keystrokes)
  • browser_press_key — Press a keyboard key
  • browser_scroll — Scroll the page in a direction
  • browser_select — Select an option from a dropdown
  • browser_hover — Hover over an element
  • browser_evaluate — Execute JavaScript in the page context (gated; see Security notes)

Session Management

  • browser_tabs — List open tabs or switch to a tab
  • browser_close — Close the browser session
  • browser_authenticate — Open a visible browser for manual login

Workflow

The typical workflow uses accessibility snapshots for reliable element targeting:

  1. browser_navigate → open a page
  2. browser_snapshot → see interactive elements with @ref IDs
  3. browser_click / browser_fill → interact using @ref references
  4. browser_screenshot → visual verification

Security notes

Browser automation has a large attack surface: the agent-browser CLI controls a real headless browser that loads URLs you pass it, runs page-side JavaScript, and persists cookies and session state across runs. Read this section before deploying.

browser_evaluate is gated behind BROWSER_AUTOMATION_ALLOW_EVAL

browser_evaluate lets the model execute arbitrary JavaScript inside the page context — the security equivalent of giving the model a shell on whatever site it has just navigated to. To prevent prompt-injected content from doing this silently, the tool is only registered when the host explicitly opts in:

BROWSER_AUTOMATION_ALLOW_EVAL=1 mcp-server-browser-automation

Without this env var, browser_evaluate is not in the tools list at all — the LLM cannot even see it. When enabled, the tool is marked so MCP hosts can require explicit user confirmation before each invocation.

URL scheme deny-list

browser_navigate and browser_authenticate accept only http: and https: URLs (plus the special about:blank). Other URL schemes are refused before the underlying agent-browser CLI is invoked:

  • file: — would let pages read local filesystem paths
  • chrome: and chrome-extension: — internal browser pages and installed extensions
  • javascript: — equivalent to eval() against the current document
  • data: — inlined attacker-controlled HTML/JS payloads
  • view-source: — defeats the same-origin policy on rendered content
  • about: — privileged internal pages (about:config, about:cache, about:debugging, …); only about:blank is permitted

Cookie and session persistence

The connector tells agent-browser to use a named, persistent session via AGENT_BROWSER_SESSION_NAME (default value: mcp). All cookies, localStorage data, and any logins performed via browser_authenticate are stored on disk under that session name and reused across runs. Anyone who can read the session storage — the local user, other tools running as the same user, or backups — can also use those logged-in sessions.

To override the session name (for example, to keep separate profiles per project) set AGENT_BROWSER_SESSION_NAME explicitly in the host's MCP server config. To wipe state, close the browser via browser_close and remove the session directory managed by agent-browser.

Recommended deployment posture

  • Run the connector against a separate browser profile — a dedicated AGENT_BROWSER_SESSION_NAME per MCP host. Do not reuse your daily browser profile: the connector reads and overwrites cookies in whichever profile it is pointed at, and a malicious page can ride the existing session of any site you are logged into.
  • Leave browser_evaluate disabled unless the host implements user confirmation for every call. The default (off) is the safe choice.
  • Require host confirmation for browser_authenticate and any flow that may navigate to authenticated sites — otherwise prompt injection in fetched content can drive the browser at sites the user is logged into.
  • Treat returned page content as untrusted — accessibility snapshots, screenshots, and JavaScript-evaluation outputs come from arbitrary websites and may contain prompt-injection attempts.

Licence

FSL-1.1-MIT — Functional Source License, Version 1.1, with MIT future licence. The software converts to MIT licence on 2030-04-08.