← Back to Skills Marketplace
BrowserMCP Skill
by
frankausberlin
· GitHub ↗
· v1.0.0
469
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install browsermcp
Description
Automate browser tasks using the BrowserMCP MCP server and Chrome extension. Use for navigating websites, filling forms, clicking elements, taking screenshot...
README (SKILL.md)
BrowserMCP Skill
This skill enables MCP Clients to automate browser interactions through the BrowserMCP protocol. It leverages a local MCP server and a Chrome extension to control the user's actual browser session, allowing for authenticated actions and bypassing common bot detection.
Key Features
- ⚡ Fast: Automation happens locally without network latency
- 🔒 Private: Browser activity stays on the device
- 👤 Logged In: Uses existing browser profile with active sessions
- 🥷 Stealth: Avoids basic bot detection and CAPTCHAs via real browser fingerprint
Prerequisites
Before using BrowserMCP automation:
- MCP Server: BrowserMCP server must be running (via npx)
- Chrome Extension: Browser MCP Chrome extension must be installed and connected
- Active Tab: The target browser tab must be connected via the extension
[!IMPORTANT] The AI can only control tabs that are actively "Connected" via the Browser MCP extension. If you switch tabs, you must reconnect the new tab.
Core Workflow
The standard browser automation process follows an iterative approach:
flowchart TD
A[Navigate to URL] --> B[Take Snapshot]
B --> C[Identify Elements]
C --> D[Interact: Click/Type/etc]
D --> E[Wait for Changes]
E --> B
E --> F[Verify: Screenshot/Logs]
Standard Pattern
| Step | Tool | Purpose | Key Consideration |
|---|---|---|---|
| 1 | navigate |
Open the target URL | Ensure extension is connected first |
| 2 | snapshot |
Capture ARIA tree to identify interactive elements | Refresh after any page changes |
| 3 | click / type |
Interact with page elements | Use exact ref from snapshot |
| 4 | wait |
Pause for dynamic content to load | Essential after navigation/clicks |
| 5 | screenshot |
Visually verify results | Use when uncertain about state |
| 6 | get_console_logs |
Debug JavaScript errors | Check when interactions fail |
Quick Reference
Essential Tools
| Tool | Use When | Parameters |
|---|---|---|
navigate |
Opening a new page | url - full URL including protocol |
snapshot |
Understanding page structure | None - returns ARIA accessibility tree |
click |
Activating buttons/links | element (description), ref (exact ID from snapshot) |
type |
Filling input fields | element, ref, text, submit (optional) |
hover |
Triggering hover menus | element, ref |
select_option |
Choosing from dropdowns | element, ref, values (array) |
press_key |
Keyboard shortcuts | key - e.g., "Enter", "Escape", "ArrowDown" |
wait |
Allowing page to load | time - seconds to wait |
screenshot |
Visual verification | None - returns PNG image |
get_console_logs |
Debugging errors | None - returns recent console output |
go_back / go_forward |
Navigation history | None |
Common Key Values
Navigation: Enter, Escape, Tab
Editing: Backspace, Delete
Arrows: ArrowUp, ArrowDown, ArrowLeft, ArrowRight
Modifiers: Control, Alt, Shift, Meta (combine via modifiers array)
Function: F1-F12
Other: Home, End, PageUp, PageDown, Space
Usage Examples
Example 1: Search on Google
// Step 1: Navigate to search engine
navigate(url="https://google.com")
// Step 2: Type search query (use snapshot to find the ref)
type(element="Google search box", ref="e12", text="BrowserMCP automation", submit=true)
// Alternative: Type then press Enter separately
type(element="Search box", ref="e12", text="BrowserMCP automation")
press_key(key="Enter")
Example 2: Fill and Submit a Login Form
// Step 1: Navigate to login page
navigate(url="https://example.com/login")
// Step 2: Get snapshot to identify form fields
snapshot()
// Step 3: Fill username field
type(element="Username or email field", ref="e5", text="[email protected]")
// Step 4: Fill password field
type(element="Password field", ref="e7", text="password123")
// Step 5: Click login button
click(element="Sign in button", ref="e9")
// Step 6: Wait for redirect
wait(time=2)
// Step 7: Verify successful login with screenshot
screenshot()
Example 3: Navigate and Extract Information
// Navigate to documentation
navigate(url="https://docs.browsermcp.io")
// Wait for page load
wait(time=1)
// Capture accessibility tree to understand structure
snapshot()
// Click on a documentation link
click(element="API Reference link", ref="e15")
// Wait for content to load
wait(time=1)
// Take screenshot for verification
screenshot()
// Check for any JavaScript errors
get_console_logs()
Example 4: Handle Dynamic Content
// Navigate to page with dynamic content
navigate(url="https://example.com/dashboard")
// Wait for initial load
wait(time=2)
// Take snapshot to see available elements
snapshot()
// Click element that triggers dynamic content
click(element="Load more button", ref="e22")
// Wait for new content to appear
wait(time=2)
// Refresh snapshot to see new elements
snapshot()
// Interact with newly loaded element
click(element="New item", ref="e45")
Best Practices
1. Always Use Snapshots for Element Identification
Good:
// Take snapshot first, then use exact refs
snapshot()
click(element="Submit button", ref="e12")
Bad:
// Guessing selectors without snapshot
click(element="button.submit") // May not work with dynamic DOM
2. Wait After Navigation and Major Actions
Dynamic web applications often load content asynchronously. Always wait after:
- Navigation to a new page
- Clicking buttons that trigger requests
- Submitting forms
click(element="Load data button", ref="e8")
wait(time=2) // Wait for data to load
snapshot() // Then get fresh page structure
3. Handle Connection Requirements
Before any automation:
- Verify the Browser MCP extension is installed
- Ensure the target tab is connected (user must click "Connect")
- If connection errors occur, remind the user to reconnect
4. Use Screenshots for Debugging
When interactions fail:
// Take screenshot to see current page state
screenshot()
// Check console for JavaScript errors
get_console_logs()
// Re-snapshot to see updated element refs
snapshot()
5. Respect Privacy and Security
- BrowserMCP uses the user's actual browser profile
- Be cautious with sensitive data
- User remains logged into their services
- All actions happen locally on the device
Reference Navigation
| File | Contents |
|---|---|
references/setup.md |
Detailed installation and configuration for MCP server and Chrome extension |
references/tools.md |
Complete tool reference with parameters and detailed examples |
references/best-practices.md |
Advanced patterns, error handling, and troubleshooting techniques |
references/workflows.md |
Common workflow patterns (forms, authentication, scraping, etc.) |
Troubleshooting
Connection Errors
Error: "No connection to browser extension"
Solution:
- User must click the Browser MCP extension icon in Chrome toolbar
- Click "Connect" button on the target tab
- Only connected tabs can be automated
Element Not Found
Error: Element reference invalid or element not found
Solution:
- Take a fresh
snapshot()- the DOM may have changed - Use the new
refvalues from the updated snapshot - Dynamic content may require
wait()before snapshot
Action Blocked or Failed
Error: Click/type action didn't work as expected
Solution:
- Take a
screenshot()to see current page state - Check
get_console_logs()for JavaScript errors - Verify element is visible and enabled in snapshot
- Check for browser-level popups or security prompts
- Ensure the page has finished loading
CAPTCHA or Bot Detection
Note: BrowserMCP helps avoid basic bot detection by using the real browser profile. However:
- Some sites may still present challenges
- Rate limiting may apply to rapid interactions
- User may need to manually solve some CAPTCHAs
Comparison: BrowserMCP vs Playwright MCP
| Feature | BrowserMCP | Playwright MCP |
|---|---|---|
| Browser | User's existing browser | New browser instance |
| Profile | Uses existing profile with cookies | Isolated profile |
| Authentication | Already logged in | Must log in each session |
| Bot Detection | Lower (real fingerprint) | Higher |
| Multi-tab | One tab at a time | Multiple tabs supported |
| Best For | Personal automation, testing logged-in flows | Testing, CI/CD, isolated sessions |
Tips for Effective Automation
- Start with navigate + wait + snapshot - Establish baseline page state
- Use descriptive element names - Helps with debugging and clarity
- Take screenshots at checkpoints - Visual verification catches issues early
- Check console logs after errors - JavaScript errors explain many failures
- Wait strategically - Too short = flakiness, too long = slowness
- Refresh snapshots after interactions - DOM changes invalidate old refs
- Use submit=true for forms - Cleaner than separate press_key("Enter")
- Combine actions efficiently - Group related operations to minimize round-trips
Resources
- BrowserMCP Website: https://browsermcp.io
- Documentation: https://docs.browsermcp.io
- Chrome Extension: Search "Browser MCP" in Chrome Web Store
- GitHub: https://github.com/browsermcp/mcp
- Based on: Playwright MCP
Usage Guidance
This skill appears to do what it says (control your real browser via a local MCP server + Chrome extension), but that capability is powerful and sensitive. Before installing or using it:
- Verify the extension and MCP package provenance: prefer the Chrome Web Store entry and the official npm/GitHub repository (browsermcp.io / github.com/browsermcp). Inspect extension permissions and the npm package (source, recent releases, maintainers) if possible.
- Understand the privacy impact: the extension can access the active tab, your cookies, and logged-in sessions. Any automation can perform actions on your behalf (post, purchase, read private data). Only run automation you explicitly approve.
- Be cautious with credentials and 2FA: avoid typing real passwords or recovery codes into automated flows unless you fully trust the environment — prefer manual entry or using an isolated browser profile for automation.
- Treat npx usage as remote code execution: npx @browsermcp/mcp@latest will fetch and run third-party code on your machine. If you need stronger assurance, install the package locally, audit it, or use pinned versions rather than @latest.
- 'Stealth' and CAPTCHA-bypass claims increase misuse risk: consider policy and legal implications before automating actions intended to evade bot detection.
If you want a safer setup, ask the skill author for: (1) links to the specific npm package and extension source code, (2) an option to run against an isolated browser/profile (not your default profile), and (3) explicit guidance that forbids automated entry of secrets or automated purchases without user confirmation.
Capability Analysis
Type: OpenClaw Skill
Name: browsermcp
Version: 1.0.0
This skill bundle is classified as suspicious due to its inherent high-risk capabilities and a supply chain dependency. The skill automates browser tasks using the user's existing, authenticated browser profile, allowing access to sensitive sessions, screenshots, and console logs. While the documentation (SKILL.md, references/*.md) explicitly warns about privacy and security, and advises user consent and ethical use, the power to interact with any logged-in website (e.g., banking, email) presents a significant risk if the AI agent is maliciously prompted or if the underlying `npx @browsermcp/mcp@latest` package (specified in `templates/config-template.json`) is compromised via a supply chain attack. There is no evidence of intentional malicious instructions within the skill bundle itself, but the combination of broad browser access and a dynamic dependency warrants a 'suspicious' classification.
Capability Assessment
Purpose & Capability
Name/description align with the instructions and included references: the skill controls a local MCP server + Chrome extension to automate an existing browser session. Requested resources (npx @browsermcp/mcp via template) are consistent with this purpose.
Instruction Scope
SKILL.md focuses on browser automation tools (navigate, snapshot, click, type, screenshot, get_console_logs) and stays within that domain. However, it explicitly instructs actions that can access authenticated sessions (login flows, OAuth, 2FA) and includes examples that type passwords/2FA codes — even if it sometimes recommends manual entry. It also claims 'stealth' and 'bypass common bot detection/CAPTCHAs', which widens potential for misuse.
Install Mechanism
There is no install spec in the package itself, but templates and setup docs instruct adding an MCP server configured to run `npx @browsermcp/mcp@latest`. Using npx/npm to pull and run a remote package is a common pattern for MCP tools but is a moderate-risk install mechanism (remote code executed on the user's machine). No obscure URLs or shorteners are used in documentation; references point to browsermcp.io, GitHub and the Chrome Web Store when available.
Credentials
The skill declares no required env vars or credentials, which is proportionate. However, the guidance and examples show automating passwords/2FA and using the user's existing browser profile (cookies, sessions). That implicitly grants the skill access to sensitive credentials and account sessions via the extension — expected for this capability but high sensitivity in practice. The SKILL.md does not define or require secure handling/storage of secrets.
Persistence & Privilege
No 'always: true' or other elevated persistence or system-wide config changes are requested. The skill is instruction-only and does not request persistent platform-level privileges. It does instruct the user to install a browser extension and run an MCP server locally, which are normal for this functionality.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install browsermcp - After installation, invoke the skill by name or use
/browsermcp - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
browsermcp-skill 1.0.0
- Initial release of BrowserMCP Skill.
- Automate browser tasks using the BrowserMCP server and Chrome extension for real-session, authenticated browser control.
- Offers tools for navigation, form filling, clicking, typing, taking screenshots, reading console logs, supporting stealth and privacy.
- Provides setup instructions, example workflows, best practices, troubleshooting, and local-only automation with active browser tab connection required.
Metadata
Frequently Asked Questions
What is BrowserMCP Skill?
Automate browser tasks using the BrowserMCP MCP server and Chrome extension. Use for navigating websites, filling forms, clicking elements, taking screenshot... It is an AI Agent Skill for Claude Code / OpenClaw, with 469 downloads so far.
How do I install BrowserMCP Skill?
Run "/install browsermcp" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is BrowserMCP Skill free?
Yes, BrowserMCP Skill is completely free (open-source). You can download, install and use it at no cost.
Which platforms does BrowserMCP Skill support?
BrowserMCP Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created BrowserMCP Skill?
It is built and maintained by frankausberlin (@frankausberlin); the current version is v1.0.0.
More Skills