A dedicated Chrome launcher for the chrome-devtools MCP server (and any other tool that attaches to Chrome via the Chrome DevTools Protocol). Keeps the daily-browsing profile clean.
To let an AI / MCP / automation tool drive Chrome, you typically launch Chrome with --remote-debugging-port=9222
. That works, but it has two ugly side-effects on whichever Chrome you point it at:
This is reCAPTCHA's single strongest "this is an automated browser" signal. Even casual browsing starts triggering "verify you're human" challenges, image-grid puzzles, and silently-elevated risk scores at Cloudflare / Akamai / Google.navigator.webdriver === true
on every page you visit.Whatever bind address you used is exposed. Many tutorials suggest--remote-debugging-address=0.0.0.0
, which means anyone on your LAN (or the wider network if the host is reachable) can attach a debugger to your Chrome — read tabs, inject scripts, exfiltrate cookies. Not great.
If you set those flags on your daily Chrome (e.g. by editing the .desktop
launcher), every page you load from then on is fingerprinted as automation. The reCAPTCHA hits become constant. Site trust scores tank.
Runs a separate Chrome instance with:
- Its own
--user-data-dir
(~/.chrome-mcp-profile
) — completely isolated cookies, history, extensions, and login state from your daily profile. --remote-debugging-port=9222
bound to127.0.0.1
only —not0.0.0.0
. Only local processes (your MCP) can attach; nothing on the LAN can.- A pre-flight check that refuses to start if anything is already listening on
:9222
(catches the common mistake where the daily browser is still running with the flag inherited from a leftover.desktop
override).
Your daily Chrome stays plain. navigator.webdriver
is undefined
there. reCAPTCHA trust score recovers within hours of removing the leak.
chrome-mcp # foreground; Ctrl+C to stop
chrome-mcp --headless # no UI (still attachable on 9222)
chrome-mcp --bg # background; logs to /tmp/chrome-mcp.log
mkdir -p ~/bin
curl -fsSL https://gist.githubusercontent.com/ProxiBlue/31fb2a1e5cd253ce903782235274eedb/raw/chrome-mcp -o ~/bin/chrome-mcp
chmod +x ~/bin/chrome-mcp
If you previously had --remote-debugging-port=9222
in a .desktop
launcher, strip it out:
sed -i 's/ --remote-debugging-port=9222 --remote-debugging-address=0\.0\.0\.0//g' \
~/.local/share/applications/google-chrome.desktop
pkill -f 'google-chrome.*remote-debugging-port' ; sleep 2
After launching:
curl -s http://127.0.0.1:9222/json/version | python3 -m json.tool
On your daily browser, open the JS console and check:
navigator.webdriver
// expected: undefined (NOT true)
Visit https://bot.sannysoft.com to see a fuller fingerprint check.
Playwright's --isolated
mode creates a fresh browser CONTEXT per session inside the same browser. That works for Playwright's own scripted runs, but the chrome-devtools MCP attaches to an already-running Chrome via CDP — there's no Playwright runtime to isolate. The chrome-mcp
script is the equivalent for the CDP-attach case: a separate process with its own profile dir.
MIT.