Is Stealth Agent Browser free?

Yes, Stealth Agent Browser is free to use.

How do I install Stealth Agent Browser?

Stealth Agent Browser is a local plugin. Install it using npm package: stealth-agent-browser-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Stealth Agent Browser need?

Stealth Agent Browser requires the following credentials or environment variables: SAB_HEADLESS, SAB_STEALTH_LEVEL, SAB_PROXY_SERVER, SAB_PROXY_USERNAME, SAB_PROXY_PASSWORD, SAB_USER_DATA_DIR. You can find setup instructions on the server detail page.

What AI apps work with Stealth Agent Browser?

Stealth Agent Browser uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Stealth Agent Browser MCP Server

by Ykshah1309

Developer ToolsLow Risk8.1MCP RegistryLocal

Free

Server data from the Official MCP Registry

Stealth Chromium MCP server with hybrid AOM + Set-of-Mark vision and Readability extraction.

About

Stealth Chromium MCP server with hybrid AOM + Set-of-Mark vision and Readability extraction.

Security Report

8.1

Low Risk8.1Low Risk

Valid MCP server (1 strong, 1 medium validity signals). 3 known CVEs in dependencies (0 critical, 2 high severity) Package registry verified. Imported from the Official MCP Registry. Trust signals: trusted author (3/3 approved).

6 files analyzed · 4 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

file_system

Check that this permission is expected for this type of plugin.

network_websocket

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

What You'll Need

Set these up before or after installing:

Run Chromium headless. Default: true.Optional

Environment variable: SAB_HEADLESS

off | patched | paranoid. Default: patched.Optional

Environment variable: SAB_STEALTH_LEVEL

Optional proxy URL, e.g. http://host:port.Optional

Environment variable: SAB_PROXY_SERVER

Optional proxy username.Required

Environment variable: SAB_PROXY_USERNAME

Optional proxy password.Required

Environment variable: SAB_PROXY_PASSWORD

Persistent browser profile directory.Optional

Environment variable: SAB_USER_DATA_DIR

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-ykshah1309-stealth-agent-browser-mcp": {
      "env": {
        "SAB_HEADLESS": "your-sab-headless-here",
        "SAB_PROXY_SERVER": "your-sab-proxy-server-here",
        "SAB_STEALTH_LEVEL": "your-sab-stealth-level-here",
        "SAB_USER_DATA_DIR": "your-sab-user-data-dir-here",
        "SAB_PROXY_PASSWORD": "your-sab-proxy-password-here",
        "SAB_PROXY_USERNAME": "your-sab-proxy-username-here"
      },
      "args": [
        "-y",
        "stealth-agent-browser-mcp",
        "-y",
        "stealth-agent-browser-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

stealth-agent-browser-mcp

A Model Context Protocol (MCP) server that gives AI agents a stealth-grade Chromium browser with a hybrid Accessibility-Object-Model + Set-of-Mark vision interface. Built for Claude, works with any MCP-compatible host.

Stealth first. Uses rebrowser-playwright to patch the Runtime.Enable CDP leak that bypasses playwright-extra-class stealth plugins. Passes modern bot-detection suites (CreepJS, bot.sannysoft.com) where vanilla Playwright fails.
Token-lean by default. browser_snapshot returns Playwright aria snapshot YAML (~2–5 KB) instead of raw HTML (100KB+). Every interactive element carries a [ref=eN] id that actions consume directly — no selectors, no drift.
Hybrid vision when it matters. Ask for mode: "hybrid" and the server overlays numbered red boxes on the screenshot so the model can ground visually (Set-of-Mark prompting, Yang et al.). The ref ids on the image match the ids in the YAML. No parallel numbering scheme to go out of sync.
Readability-based content extraction. browser_scroll_read runs Mozilla Readability through JSDOM and returns clean Markdown — optionally delta-only, so re-reads cost nothing when nothing changed.
Proxy-ready. Per-session proxy auth, useful with residential pools.

Authorized use only. Stealth tooling has legitimate applications (accessibility auditing, your-own-account automation, QA against sites you own or have permission to test). Do not use this server to violate a site's terms of service or applicable law. See SECURITY.md.

Install

npm install -g stealth-agent-browser-mcp
# Chromium binary is fetched automatically on first launch
npx playwright-core install chromium

Or run without install via npx stealth-agent-browser-mcp.

Quickstart (Claude Desktop / Claude Code / Cursor)

Add to your MCP config:

{
  "mcpServers": {
    "stealth-browser": {
      "command": "npx",
      "args": ["-y", "stealth-agent-browser-mcp"],
      "env": {
        "SAB_HEADLESS": "true",
        "SAB_STEALTH_LEVEL": "patched"
      }
    }
  }
}

Restart the host. The agent will see the tools listed below.

Tools

Tool	Purpose
`browser_navigate`	Navigate a URL and return a snapshot.
`browser_snapshot`	`aom` (YAML only, cheapest), `vision` (raw screenshot), or `hybrid` (YAML + Set-of-Mark screenshot).
`browser_click`	Click an element by its `[ref=eN]`.
`browser_type`	Type into an input/textarea by ref.
`browser_select`	Choose options in a `<select>` by ref.
`browser_scroll_read`	Scroll and return Readability Markdown (delta-only by default).
`browser_wait_for`	Wait for text or a ref to become visible.
`browser_tabs`	`list` / `new` / `close` / `switch`.
`browser_eval`	Evaluate a JS expression in the page's MAIN world; JSON result.
`browser_set_proxy`	Update single-proxy config (effective after `browser_restart`).
`browser_set_proxy_pool`	Replace residential proxy pool at runtime (effective after `browser_restart`).
`browser_solve_captcha`	Fallback captcha solver (CapSolver / 2Captcha). Detects Turnstile/hCaptcha/reCAPTCHA on the page.
`browser_restart`	Close + re-open the active browser session with current config.

All action tools are addressed by the ref emitted in the last AOM snapshot. Refs are Playwright's own aria-ref=eN ids — there is no parallel numbering scheme.

Configuration

All via environment variables:

Var	Default	Notes
`SAB_HEADLESS`	`true`	`false` for a visible window (debugging).
`SAB_STEALTH_LEVEL`	`patched`	`off` \| `patched` \| `paranoid`.
`SAB_PROXY_SERVER`	—	Single-proxy mode. e.g. `http://host:port`
`SAB_PROXY_USERNAME` / `SAB_PROXY_PASSWORD`	—
`SAB_PROXY_POOL`	—	Residential pool. Comma-separated URLs (`http://u:p@host:port,...`) or a JSON array of `{server, username, password}`.
`SAB_PROXY_ROTATION`	`per-restart`	`per-session` \| `per-restart` \| `static`.
`SAB_PROXY_STICKY_TEMPLATE`	—	Username template for sticky-IP providers. `${sessionId}` interpolates. Example: `brd-customer-c1-zone-res-session-${sessionId}`.
`SAB_HUMAN_MOUSE`	`true`	Bezier-path click with pre-click hesitation. Defeats Datadome trajectory analysis.
`SAB_CAPTCHA_PROVIDER`	`none`	`capsolver` \| `twocaptcha` \| `none`.
`SAB_CAPTCHA_API_KEY`	—	Provider API key.
`SAB_USER_DATA_DIR`	—	Persistent profile directory (cookies build reputation).
`SAB_DEFAULT_TIMEOUT_MS`	`15000`	Per-action timeout.
`SAB_MAX_ANNOTATED`	`75`	Max labelled boxes in hybrid mode.
`SAB_VIEWPORT_W` / `SAB_VIEWPORT_H`	`1366` / `768`
`SAB_LOCALE`	`en-US`
`SAB_TIMEZONE`	`America/New_York`
`LOG_LEVEL`	`info`	`debug`, `warn`, etc. Always writes to stderr.

Architecture

src/
├── index.ts         # Entry (stdio)
├── server.ts        # MCP server + tool registration
├── tools.ts         # Tool handlers
├── browser.ts       # Stealth Chromium launcher (rebrowser-playwright)
├── session.ts       # Per-connection browser/context/page state
├── snapshot.ts      # AOM + Set-of-Mark pipeline
├── annotate.ts      # SVG overlay compositing (sharp)
├── reader.ts        # Readability → Markdown (pierces open shadow roots)
├── fingerprint.ts   # Rotatable UA/viewport/timezone profiles
├── proxy.ts         # Residential pool + rotation + sticky-session template
├── human-mouse.ts   # Bezier-curve cursor paths (ghost-cursor math)
├── captcha.ts       # CapSolver / 2Captcha REST adapters
├── config.ts        # Zod-validated env config
└── logger.ts        # pino → stderr (never stdout)

All logs go to stderr — stdout is reserved for JSON-RPC. Never add console.log.

TLS / JA3 fingerprint — why there is no Node-layer spoofer here

A common ask for scrapers is: "spoof the TLS ClientHello (JA3) to look like Chrome, via curl-impersonate or node-tls-client."

That applies to Node-layer HTTP scrapers (fetch, got, axios) where the TCP connection originates from Node's OpenSSL, which emits a ClientHello signature distinct from Chrome's BoringSSL — and Cloudflare / Akamai Bot Manager drop it at the network layer before a single byte of JavaScript runs.

This MCP does not have that architecture. Every request exits through Chromium. Chromium's TLS stack is Chrome's TLS stack (literally the same BoringSSL build), so the ClientHello JA3 is Chrome's JA3 by construction. No JS-level rewriting is possible or necessary.

The one place TLS can still betray you is if you route through a proxy that terminates and re-initiates TLS (MITM). Residential proxy providers (Bright Data, DataImpulse, Oxylabs residential, SOAX) route at TCP — they do not MITM TLS — and the Chromium handshake reaches the origin unmodified. The products that do MITM TLS are managed scraping browsers (Bright Data's Scraping Browser, Oxylabs Web Unblocker), which ship their own headless Chrome and replace this MCP rather than layering on top of it.

Bottom line: with rebrowser-playwright + residential pool (P1) + human mouse (P2), the TLS fingerprint, CDP runtime, DOM surface, and behavioral layer all match real Chrome. Captcha solving (P3) is a fallback for the 1–5% of sessions that still get flagged.

Benchmarks

npm run bench:stealth launches the configured browser against public bot-detection test pages (bot.sannysoft.com, CreepJS, pixelscan, BrowserLeaks WebRTC) and reports pass/fail. These are the same harnesses used by the rebrowser-patches and Patchright projects — see rebrowser-bot-detector for the reference suite.

Typical local-fixture test run (see test/):

Test	Result
AOM YAML contains refs for all interactive elements	✓
`hybrid` mode returns PNG + YAML, refs match	✓
`click`/`type` by ref produces expected DOM change	✓
Readability extracts article to Markdown	✓
Delta-only scroll returns `(no readable content change)` on repeat	✓

Comparison

	stealth-agent-browser-mcp	playwright-mcp	browser-use MCP	computer use
CDP-level stealth (Cloudflare/DataDome)	✓	✗	partial	✗
Accessibility-tree snapshots	✓	✓	✓	✗
Set-of-Mark vision (ref-labeled screenshot)	✓	✗	✗	pure vision
Readability-based scroll-and-read	✓	✗	✗	✗
Token-lean by default	✓	✓	✗	✗
Bundled agent loop	✗ (host's model drives)	✗	✓	✗

Development

npm install
npx playwright-core install chromium
npm run build
npm test

Contributing

See CONTRIBUTING.md. All contributions under Apache-2.0.

License

Apache-2.0

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

mcp-creator-typescript

Free

by mcp-marketplace · Developer Tools

Scaffold, build, and publish TypeScript MCP servers to npm — conversationally

FinAgent

Free

by mcp-marketplace · Finance

Free stock data and market news for any MCP-compatible AI assistant.

Stealth Agent Browser MCP Server

About

Security Report

Findings (4)Action required

Permissions Required

What You'll Need

How to Install

Documentation

stealth-agent-browser-mcp

Install

Quickstart (Claude Desktop / Claude Code / Cursor)

Tools

Configuration

Architecture

TLS / JA3 fingerprint — why there is no Node-layer spoofer here

Benchmarks

Comparison

Development

Contributing

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent

Stealth Agent Browser MCP Server

About

Security Report

Findings (4)Action required

Permissions Required

What You'll Need

How to Install

Documentation

stealth-agent-browser-mcp

Install

Quickstart (Claude Desktop / Claude Code / Cursor)

Tools

Configuration

Architecture

TLS / JA3 fingerprint — why there is no Node-layer spoofer here

Benchmarks

Comparison

Development

Contributing

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent