# Safer browser automation with a Puppeteer MCP server > Source: > Published: 2026-06-05 21:06:33+00:00 Browser automation is one of the most useful abilities for AI agents. It is also one of the easiest places to make a mess. A browser tool can click, fill forms, run JavaScript, capture pages and move through real user flows. That power needs boundaries. That is why I built a Puppeteer MCP server with safety controls in mind. Repo: [https://github.com/tecnomanu/puppeteer-server](https://github.com/tecnomanu/puppeteer-server) What it supports: For agent workflows, I think the main question is not just can the agent browse? The better question is: can it browse inside explicit limits? A browser MCP server should make unsafe behavior harder by default. Useful cases: I am interested in feedback from people building MCP tools. Which browser permissions should be default-off? And what security controls should every browser automation MCP include?