Chrome DevTools MCP

v2026.6

Google (Chrome DevTools team)

MCPbrowser-automationchromedevtoolsperformance

Strong

About This MCP

Google's official MCP server that gives AI agents full Chrome control via the Chrome DevTools Protocol. Around 26 tools span input automation, navigation, performance tracing and insights, network inspection, console debugging, and screenshots — making it the reference server for AI-assisted web debugging and performance work.

Last Evaluated: June 10, 2026

Official Website

Trust Vector Analysis

Dimension Breakdown

🚀Performance & Reliability

cdp reliability

Review of CDP connection handling for launched and attached Chrome instances

Evidence

Chrome DevTools MCP README — Built directly on the Chrome DevTools Protocol via Puppeteer, the same battle-tested interface used by Chrome DevTools itself; can launch a fresh Chrome instance or attach to a running one

highVerified: 2026-06-10

operation success rate

Hands-on testing of click, fill, navigate, and wait tools against common web applications

Evidence

Chrome DevTools MCP tool reference — Input and navigation tools use Puppeteer's waiting semantics, giving high success rates on standard pages; tools return structured results the agent can act on

highVerified: 2026-06-10

performance tracing accuracy

Validation of trace recording and insight extraction against DevTools Performance panel output

Evidence

Chrome for Developers blog — Performance tracing tools record real Chrome traces and surface DevTools performance insights (LCP, CLS, render-blocking analysis) directly to the agent — first-party data identical to DevTools panels

highVerified: 2026-06-10

error recovery

Error-path testing including navigation failures, missing elements, and dropped CDP connections

Evidence

Chrome DevTools MCP repository — Failed operations return descriptive errors with current page context; console and network tools let agents self-diagnose failures, though crashed Chrome sessions require restart

mediumVerified: 2026-06-10

automation stability

Multi-step workflow stability testing across navigation, input, and inspection tools

Evidence

Chrome DevTools MCP tool reference — Stable multi-step automation across ~26 tools including page management, dialog handling, and emulation; Chrome-only scope avoids cross-engine inconsistencies

mediumVerified: 2026-06-10

🛡️Security

prompt injection resistance

Threat modeling of untrusted page, console, and network content entering the agent context

Evidence

Chrome DevTools MCP security notes — Project explicitly warns that page content is exposed to the MCP client and that malicious pages can attempt to steer the agent — indirect prompt injection via console messages, network bodies, and page text is unmitigated

highVerified: 2026-06-10

arbitrary code execution risk

Capability analysis of in-page JS evaluation under adversarial agent steering

Evidence

Chrome DevTools MCP tool reference — Script evaluation tool executes arbitrary JavaScript in any open page, enabling cookie theft, DOM manipulation, or exfiltration if the agent is hijacked

highVerified: 2026-06-10

session exposure risk

Analysis of attach-to-running-Chrome mode and access to authenticated browser state

Evidence

Chrome DevTools MCP README — When attached to a user's running Chrome, the agent gains full control over logged-in sessions, saved credentials autofill, and all open tabs — the project advises against exposing sensitive sessions

highVerified: 2026-06-10

sandboxing isolation

Review of isolation options (fresh profile, headless, channel selection) versus attach mode

Evidence

Chrome DevTools MCP configuration — Supports launching isolated Chrome instances with temporary user-data directories and headless mode, which contains risk when used; no origin allow/block list filtering

mediumVerified: 2026-06-10

unauthorized action risk

Authorization boundary analysis of write-capable browser actions

Evidence

MCP security guidance — Agent can perform any action the controlled Chrome session permits (form submissions, account changes); no server-side gating of destructive actions — host tool-approval is the only guardrail

mediumVerified: 2026-06-10

🔒Privacy & Compliance

browsing data exposure

Data flow analysis of inspection tool outputs (network, console, screenshot, snapshot)

Evidence

Chrome DevTools MCP disclaimer — Page content, console logs, network request/response bodies, and screenshots are all returned to the MCP client and thus the LLM provider — including authenticated content when attached to a real session

highVerified: 2026-06-10

sensitive data protection

Privacy controls assessment of network and console inspection outputs

Evidence

Chrome DevTools MCP repository — No redaction of credentials, tokens, or PII present in network bodies, headers, or console output; network inspection can surface auth tokens verbatim

mediumVerified: 2026-06-10

local data control

Review of local execution model and data residency

Evidence

Chrome DevTools MCP architecture — Runs entirely locally over stdio; traces, profiles, and browser state stay on the user's machine and the server adds no vendor telemetry

highVerified: 2026-06-10

third party data sharing

Data sharing pathway analysis

Evidence

MCP client documentation — Browser data is shared only with the connected LLM provider per that provider's policy; Google does not receive the data through this server

mediumVerified: 2026-06-10

👁️Trust & Transparency

documentation quality

Documentation completeness and accuracy review

Evidence

Chrome DevTools MCP docs — Complete tool reference for all ~26 tools, configuration options, client setup guides, and an official Chrome for Developers launch post with usage patterns

highVerified: 2026-06-10

open source transparency

Source code and license review

Evidence

GitHub repository — Fully open source under Apache-2.0 in the official ChromeDevTools GitHub org with public issues and roadmap

highVerified: 2026-06-10

operation visibility

Logging and observability assessment

Evidence

Chrome DevTools MCP design — Every browser action is an explicit named tool call visible in MCP host logs; the controlled Chrome window can run headed so users watch the agent act in real time

highVerified: 2026-06-10

vendor credibility

Maintainer reputation and project health analysis

Evidence

GitHub API — Maintained by Google's Chrome DevTools team; 43,277 GitHub stars as of 2026-06-10, among the most-starred MCP servers

highVerified: 2026-06-10

⚙️Operational Excellence

ease of setup

Setup complexity assessment across MCP hosts

Evidence

npm package chrome-devtools-mcp — Single-command setup via npx chrome-devtools-mcp@latest; no API keys; requires Chrome installed locally; setup snippets provided for all major MCP hosts

highVerified: 2026-06-10

performance

Latency and token-efficiency evaluation of common debugging workflows

Evidence

Chrome DevTools MCP repository — Direct CDP access keeps interaction latency low; text-based snapshots and targeted network/console queries keep token usage manageable relative to screenshot-heavy approaches

mediumVerified: 2026-06-10

feature coverage

Feature completeness assessment against web debugging and automation needs

Evidence

Chrome DevTools MCP tool reference — ~26 tools covering input automation, navigation, performance tracing and insights, network inspection, console/debugging, emulation, and screenshots — unique depth in performance debugging among MCP servers

highVerified: 2026-06-10

community adoption

Adoption metrics and ecosystem-integration analysis

Evidence

GitHub API — 43,277 stars as of 2026-06-10; widely adopted by coding agents for in-browser verification and performance debugging since its 2025 launch

highVerified: 2026-06-10

maintenance activity

Commit frequency and release-cadence analysis

Evidence

GitHub repository activity — Regular releases tracking Chrome versions with active issue triage by the Chrome DevTools team

highVerified: 2026-06-10

Strengths

+First-party Chrome DevTools data: real performance traces, insights, network and console inspection
+Maintained by Google's Chrome DevTools team with very high adoption (43.3k stars)
+~26 well-documented tools spanning automation, debugging, tracing, and screenshots
+Direct CDP control is fast and exposes capabilities no other browser MCP offers
+Runs fully locally over stdio with no vendor telemetry
+Can attach to an existing Chrome session for debugging real user state

Limitations

!Attaching to a running Chrome hands the agent full control of logged-in sessions and open tabs
!Indirect prompt injection from malicious pages is explicitly acknowledged and unmitigated
!Arbitrary JavaScript evaluation in pages enables exfiltration if the agent is steered
!Network and console outputs can leak tokens, credentials, and PII to the LLM provider verbatim
!Chrome-only — no Firefox or WebKit coverage
!No origin allow/block filtering to restrict which sites the agent may visit

Metadata

license: Apache-2.0

supported platforms

0: macOS, Linux, Windows with Node.js 20+ and Chrome installed

programming languages

0: TypeScript

mcp version: 1.0

github repo: https://github.com/ChromeDevTools/chrome-devtools-mcp

github stars: 43277

package: chrome-devtools-mcp

api dependency: Chrome DevTools Protocol (via Puppeteer)

authentication: None required (local browser control)

first release: 2025-09

maintained by: Google (Chrome DevTools team)

status: Active

transport types

0: stdio

installation methods

0: npm

1: npx

Use Case Ratings

code generation

Best-in-class for letting coding agents verify changes in a real browser and debug performance, network, and console issues

data analysis

Strong for performance-trace analysis and network-payload inspection; less aimed at general data extraction

research assistant

Capable interactive browsing, but security posture favors dev/debugging use over open-web research

education

Excellent for teaching web performance and debugging — agents can demonstrate DevTools concepts live

customer support

Can reproduce reported web issues, but session-exposure risk demands isolated profiles