# chrome-mcp — dedicated Chrome launcher for chrome-devtools MCP (CDP attach) that keeps daily-browsing profile clean from navigator.webdriver=true and the reCAPTCHA hits that come with it

> Source: <https://gist.github.com/ProxiBlue/31fb2a1e5cd253ce903782235274eedb>
> Published: 2026-06-21 13:08:15+00:00

A dedicated Chrome launcher for the [chrome-devtools MCP](https://github.com/ChromeDevTools/chrome-devtools-mcp) server (and any other tool that attaches to Chrome via the Chrome DevTools Protocol). Keeps the daily-browsing profile clean.

To let an AI / MCP / automation tool drive Chrome, you typically launch Chrome with `--remote-debugging-port=9222`

. That works, **but it has two ugly side-effects on whichever Chrome you point it at**:

This is reCAPTCHA's single strongest "this is an automated browser" signal. Even casual browsing starts triggering "verify you're human" challenges, image-grid puzzles, and silently-elevated risk scores at Cloudflare / Akamai / Google.`navigator.webdriver === true`

on every page you visit.**Whatever bind address you used is exposed.** Many tutorials suggest`--remote-debugging-address=0.0.0.0`

, which means anyone on your LAN (or the wider network if the host is reachable) can attach a debugger to your Chrome — read tabs, inject scripts, exfiltrate cookies. Not great.

If you set those flags on your daily Chrome (e.g. by editing the `.desktop`

launcher), **every page you load from then on is fingerprinted as automation**. The reCAPTCHA hits become constant. Site trust scores tank.

Runs a **separate** Chrome instance with:

- Its own
`--user-data-dir`

(`~/.chrome-mcp-profile`

) — completely isolated cookies, history, extensions, and login state from your daily profile. `--remote-debugging-port=9222`

bound to`127.0.0.1`

only —**not**`0.0.0.0`

. Only local processes (your MCP) can attach; nothing on the LAN can.- A pre-flight check that refuses to start if anything is already listening on
`:9222`

(catches the common mistake where the daily browser is still running with the flag inherited from a leftover`.desktop`

override).

Your daily Chrome stays plain. `navigator.webdriver`

is `undefined`

there. reCAPTCHA trust score recovers within hours of removing the leak.

```
chrome-mcp           # foreground; Ctrl+C to stop
chrome-mcp --headless # no UI (still attachable on 9222)
chrome-mcp --bg      # background; logs to /tmp/chrome-mcp.log
mkdir -p ~/bin
curl -fsSL https://gist.githubusercontent.com/ProxiBlue/31fb2a1e5cd253ce903782235274eedb/raw/chrome-mcp -o ~/bin/chrome-mcp
chmod +x ~/bin/chrome-mcp
# ensure ~/bin is on PATH (Ubuntu adds it via .profile if the dir exists at login)
```

If you previously had `--remote-debugging-port=9222`

in a `.desktop`

launcher, strip it out:

```
sed -i 's/ --remote-debugging-port=9222 --remote-debugging-address=0\.0\.0\.0//g' \
  ~/.local/share/applications/google-chrome.desktop
# fully quit Chrome (close all windows + crashpad), then relaunch
pkill -f 'google-chrome.*remote-debugging-port' ; sleep 2
```

After launching:

```
curl -s http://127.0.0.1:9222/json/version | python3 -m json.tool
# The userDataDir field should mention ".chrome-mcp-profile" — NOT Default.
```

On your daily browser, open the JS console and check:

```
navigator.webdriver
// expected: undefined  (NOT true)
```

Visit [https://bot.sannysoft.com](https://bot.sannysoft.com) to see a fuller fingerprint check.

Playwright's `--isolated`

mode creates a fresh browser CONTEXT per session inside the same browser. That works for Playwright's own scripted runs, but the chrome-devtools MCP attaches to an already-running Chrome via CDP — there's no Playwright runtime to isolate. The `chrome-mcp`

script is the equivalent for the CDP-attach case: a separate process with its own profile dir.

MIT.
