DEV.co
MCP Servers · vibheksoni

stealth-browser-mcp

Stealth Browser MCP is a Python-based browser automation tool that integrates with AI agents via the Model Context Protocol. It uses real Chrome instances with anti-detection mechanisms to bypass common anti-bot systems while providing 97 tools for browser control, network interception, and UI element cloning.

Source: GitHub — github.com/vibheksoni/stealth-browser-mcp
1.5k
GitHub stars
224
Forks
Python
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryvibheksoni/stealth-browser-mcp
Ownervibheksoni
Primary languagePython
LicenseMIT — OSI-approved
Stars1.5k
Forks224
Open issues1
Latest releasev0.2.5 (2026-02-10)
Last updated2026-05-24
Sourcehttps://github.com/vibheksoni/stealth-browser-mcp

What stealth-browser-mcp is

Built on nodriver, Chrome DevTools Protocol, and FastMCP, it runs as an MCP stdio server offering modular tooling (20–97 tools) for headless browser automation with dynamic network hook injection, CDP-level element extraction, and cross-platform support (Windows, macOS, Linux, Docker).

Quickstart

Get the stealth-browser-mcp source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/vibheksoni/stealth-browser-mcp.gitcd stealth-browser-mcp# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Anti-bot protected web scraping and automation

Sites behind Cloudflare, Queue-It, or similar protections that block traditional Selenium/Playwright. Real browser instances and stealth techniques bypass detection while AI orchestrates actions.

Dynamic content extraction with AI orchestration

Pixel-perfect UI cloning via CDP, network request inspection, and AI-driven decision making for complex multi-step workflows requiring human-like interaction patterns.

MCP-native AI agent browser automation

Claude Desktop, Claude Code, or Cursor users needing tightly integrated browser control without custom wrappers. Native tool exposure via stdio transport.

Implementation considerations

  • Requires active Chrome/Chromium browser binary on the host; automatic detection attempts Windows, macOS, Linux, and Docker but may need manual PATH configuration.
  • Modular tool loading (--minimal vs --disable-*) means careful upfront choice of required capabilities; disabling sections later requires restart.
  • Browser instances have 10-minute idle timeout by default; tune BROWSER_IDLE_TIMEOUT to avoid unexpected shutdown in long-running workflows.
  • Network interception and dynamic hook injection require understanding of CDP protocol and Python function generation; non-trivial debugging if hooks fail or interact unexpectedly.
  • File upload operations are restricted to whitelisted directories via BROWSER_FILE_UPLOAD_ALLOWED_DIRS; plan storage layout in advance.

When to avoid it — and what to weigh

  • High-volume parallel scraping needed — Each browser instance is heavyweight. No built-in pooling, scaling, or distributed task queue mentioned. Single-instance or low-concurrency workflows only.
  • Compliance-sensitive data extraction — Bypassing anti-bot systems may violate Terms of Service or violate data protection laws depending on target and jurisdiction. Requires careful legal review per use case.
  • Production reliability without monitoring — 1 open issue, rapid development cycle (created Aug 2025, latest push May 2026), and no mention of error handling strategies, retry logic, or observability tooling. Requires engineering support.
  • Lightweight, zero-dependency automation — Requires Chrome/Chromium installation, Python runtime, and multiple dependencies (nodriver, FastMCP, CDP libraries). Not suitable for minimal environments or CLI-only workflows.

License & commercial use

MIT License (permissive). Allows commercial use, modification, distribution, and private use with minimal restrictions (must include license and copyright notice).

MIT is a permissive OSI-approved license that explicitly permits commercial use without royalties or restrictions on derived works. However, verify that the dependencies (nodriver, FastMCP, Chrome/Chromium runtime) and any anti-bot bypass techniques comply with your target sites' ToS and applicable laws. Consult legal review before deploying against protected services.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceMedium
Security considerations

Browser instances run real Chrome in separate temp profiles with automatic cleanup of orphaned profiles. No explicit mention of sandboxing, privilege escalation, or memory isolation between concurrent sessions. Network interception and dynamic hook injection require careful validation of AI-generated code to prevent injection attacks. HTTP transport is unauthenticated by default—enable bearer token auth for non-local deployments. Stealth techniques may mask malicious activity; use only on systems and targets you own or have explicit permission to test.

Alternatives to consider

Playwright MCP

Standard, open-source browser automation MCP integration; more mature ecosystem but less effective against anti-bot systems. Lower resource overhead and better documented.

Selenium with Undetected ChromeDriver

Lower-level anti-bot evasion; greater control over browser instances; larger community and documentation. Less direct AI agent integration; requires custom orchestration.

Bright Data / Apify / other managed scraping APIs

Handled infrastructure, proxy rotation, and compliance pre-built. Higher cost; less control; suitable when anti-bot bypass is a means, not the core product.

Software development agency

Build on stealth-browser-mcp with DEV.co software developers

Explore Stealth Browser MCP for your AI agent. Start with a minimal setup and expand tools as needed. Review legal and compliance requirements first.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

stealth-browser-mcp FAQ

Does it work on sites I don't own?
Technically yes, but verify ToS and local laws. Bypassing anti-bot systems may violate user agreements, CFAA, or GDPR depending on intent and jurisdiction. Consult legal counsel before deployment.
Can I run multiple browsers in parallel?
Yes, each spawn_browser() call creates an independent instance. No built-in pooling, load balancing, or distributed scaling mentioned; manage concurrency and resource limits yourself.
What happens if the browser crashes?
Unknown. No documented error handling, retry logic, or crash recovery. Monitor stderr logs and implement application-level recovery as needed.
Is this production-ready?
Early-stage (created Aug 2025, 1 open issue). Active maintenance but no SLA, stability guarantees, or formal versioning roadmap. Suitable for MVP and experimentation; evaluate risk tolerance for production workloads.

Custom software development services

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If stealth-browser-mcp is part of your mcp servers roadmap, our team can implement, customize, migrate, and maintain it.

Ready to automate protected web services?

Explore Stealth Browser MCP for your AI agent. Start with a minimal setup and expand tools as needed. Review legal and compliance requirements first.