stealth-browser-mcp
Stealth Browser MCP is a Python-based browser automation tool that integrates with AI agents via the Model Context Protocol. It uses real Chrome instances with anti-detection mechanisms to bypass common anti-bot systems while providing 97 tools for browser control, network interception, and UI element cloning.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | vibheksoni/stealth-browser-mcp |
| Owner | vibheksoni |
| Primary language | Python |
| License | MIT — OSI-approved |
| Stars | 1.5k |
| Forks | 224 |
| Open issues | 1 |
| Latest release | v0.2.5 (2026-02-10) |
| Last updated | 2026-05-24 |
| Source | https://github.com/vibheksoni/stealth-browser-mcp |
What stealth-browser-mcp is
Built on nodriver, Chrome DevTools Protocol, and FastMCP, it runs as an MCP stdio server offering modular tooling (20–97 tools) for headless browser automation with dynamic network hook injection, CDP-level element extraction, and cross-platform support (Windows, macOS, Linux, Docker).
Get the stealth-browser-mcp source
Clone the repository and explore it locally.
git clone https://github.com/vibheksoni/stealth-browser-mcp.gitcd stealth-browser-mcp# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Requires active Chrome/Chromium browser binary on the host; automatic detection attempts Windows, macOS, Linux, and Docker but may need manual PATH configuration.
- Modular tool loading (--minimal vs --disable-*) means careful upfront choice of required capabilities; disabling sections later requires restart.
- Browser instances have 10-minute idle timeout by default; tune BROWSER_IDLE_TIMEOUT to avoid unexpected shutdown in long-running workflows.
- Network interception and dynamic hook injection require understanding of CDP protocol and Python function generation; non-trivial debugging if hooks fail or interact unexpectedly.
- File upload operations are restricted to whitelisted directories via BROWSER_FILE_UPLOAD_ALLOWED_DIRS; plan storage layout in advance.
When to avoid it — and what to weigh
- High-volume parallel scraping needed — Each browser instance is heavyweight. No built-in pooling, scaling, or distributed task queue mentioned. Single-instance or low-concurrency workflows only.
- Compliance-sensitive data extraction — Bypassing anti-bot systems may violate Terms of Service or violate data protection laws depending on target and jurisdiction. Requires careful legal review per use case.
- Production reliability without monitoring — 1 open issue, rapid development cycle (created Aug 2025, latest push May 2026), and no mention of error handling strategies, retry logic, or observability tooling. Requires engineering support.
- Lightweight, zero-dependency automation — Requires Chrome/Chromium installation, Python runtime, and multiple dependencies (nodriver, FastMCP, CDP libraries). Not suitable for minimal environments or CLI-only workflows.
License & commercial use
MIT License (permissive). Allows commercial use, modification, distribution, and private use with minimal restrictions (must include license and copyright notice).
MIT is a permissive OSI-approved license that explicitly permits commercial use without royalties or restrictions on derived works. However, verify that the dependencies (nodriver, FastMCP, Chrome/Chromium runtime) and any anti-bot bypass techniques comply with your target sites' ToS and applicable laws. Consult legal review before deploying against protected services.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | Medium |
Browser instances run real Chrome in separate temp profiles with automatic cleanup of orphaned profiles. No explicit mention of sandboxing, privilege escalation, or memory isolation between concurrent sessions. Network interception and dynamic hook injection require careful validation of AI-generated code to prevent injection attacks. HTTP transport is unauthenticated by default—enable bearer token auth for non-local deployments. Stealth techniques may mask malicious activity; use only on systems and targets you own or have explicit permission to test.
Alternatives to consider
Playwright MCP
Standard, open-source browser automation MCP integration; more mature ecosystem but less effective against anti-bot systems. Lower resource overhead and better documented.
Selenium with Undetected ChromeDriver
Lower-level anti-bot evasion; greater control over browser instances; larger community and documentation. Less direct AI agent integration; requires custom orchestration.
Bright Data / Apify / other managed scraping APIs
Handled infrastructure, proxy rotation, and compliance pre-built. Higher cost; less control; suitable when anti-bot bypass is a means, not the core product.
Build on stealth-browser-mcp with DEV.co software developers
Explore Stealth Browser MCP for your AI agent. Start with a minimal setup and expand tools as needed. Review legal and compliance requirements first.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
stealth-browser-mcp FAQ
Does it work on sites I don't own?
Can I run multiple browsers in parallel?
What happens if the browser crashes?
Is this production-ready?
Custom software development services
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If stealth-browser-mcp is part of your mcp servers roadmap, our team can implement, customize, migrate, and maintain it.
Ready to automate protected web services?
Explore Stealth Browser MCP for your AI agent. Start with a minimal setup and expand tools as needed. Review legal and compliance requirements first.