Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/XxYouDeaDPunKxX/chatgpt-local-agent-mcp/llms.txt

Use this file to discover all available pages before exploring further.

Browser tools drive automated browser sessions using Playwright and additionally support attaching to an existing Chrome or Edge instance via the Chrome DevTools Protocol (CDP). All 16 tools require the mcp:browser scope. Sessions are isolated by default — each browser_session_create call launches a fresh browser process with no pre-existing cookies, local storage, or login state. CDP attach is the escape hatch for cases where an already-authenticated profile is required.

Prerequisite: Playwright browser binaries

Before using any browser tool, the Playwright browser binaries must be installed on the host:
npx playwright install
Without this step, browser_session_create will fail with a missing executable error. Reinstall after upgrading the package.

Session limits

Configuration variableDefaultDescription
GPT_FS_MCP_BROWSER_SESSION_IDLE_MS1800000 (30 min)Sessions inactive for this duration are automatically closed.
GPT_FS_MCP_MAX_BROWSER_SESSIONS5Maximum number of concurrent browser sessions.
When the session limit is reached, the oldest idle session is evicted before a new one can be created. Screenshot files are pruned according to GPT_FS_MCP_MAX_BROWSER_SCREENSHOT_FILES and GPT_FS_MCP_MAX_BROWSER_SCREENSHOT_BYTES.

Session management tools

1. browser_session_create

AttributeValue
Required scopemcp:browser
Policy modeoperate
Preferred browser entry point. Creates a new isolated Playwright browser session. Use this instead of browser_cdp_connect unless you explicitly need an existing logged-in profile. Parameters
ParameterTypeDefaultDescription
browser"chromium" | "firefox" | "webkit""chromium"Browser engine to launch.
urlstring (URL)Optional initial URL to navigate to after launch.
headlessbooleanfalseRun without a visible browser window.
allowNonHttpbooleanfalseAllow non-http/https URLs (requires confirm: true).
allowedHostnamesstring[][]Immutable host allowlist for this session. Supports exact hostnames and *.example.com wildcards. Navigations and interactions outside this list are blocked.
viewportWidthnumber1440Viewport width in pixels (max 7680).
viewportHeightnumber900Viewport height in pixels (max 4320).
timeoutMsnumber30000Launch and navigation timeout in milliseconds (max 120,000).
confirmbooleanfalseRequired when url uses a non-http scheme and allowNonHttp is true.
Response fields: sessionId, browser, source ("isolated"), headless, url, title, createdAt, lastUsedAt, allowedHostnames.

2. browser_session_list

AttributeValue
Required scopemcp:browser
Policy modeobserve
Lists all currently active Playwright browser sessions, including their IDs, current page URL, title, browser type, and idle timeout status. Idle sessions are cleaned up automatically before the list is returned. Parameters: none. Response fields: sessions (array of session summaries).

3. browser_session_close

AttributeValue
Required scopemcp:browser
Policy modeoperate
Closes a browser session and releases the underlying browser process and all associated resources. Always close sessions when you are done to avoid hitting the concurrent session limit. Parameters
ParameterTypeDescription
sessionIdstring (UUID)Session ID returned by session create.
Response fields: closed (boolean), sessionId.

4. browser_cdp_connect

AttributeValue
Required scopemcp:browser
Policy modeoperate
Risk tagsbrowser, cdp, existing-profile, secret-read
CDP attach connects to an existing Chrome or Edge browser instance, including its active login sessions, stored cookies, and open tabs. It can interact with authenticated sites (banking, email, SaaS dashboards) using credentials you never explicitly provided. Use a dedicated browser profile and never attach to a profile with sensitive accounts unless you are willing to expose those sessions. Requires confirm: true.
Attaches to a Chromium-based browser that has been started with --remote-debugging-port. Use this only when an already-authenticated profile or specific existing tab state is required and cannot be reproduced in an isolated session. Parameters
ParameterTypeDefaultDescription
endpointUrlstring"http://127.0.0.1:9222"CDP HTTP or WebSocket endpoint URL.
confirmbooleanfalseRequired — must be true to attach.
allowRemotebooleanfalseAllow non-loopback CDP endpoints. Requires confirm: true.
isolatedBrowserBypassReasonstring(required)Explain why browser_session_create is not sufficient. Logged for audit.
purposestring(required)Short operational purpose for attaching to an existing profile.
pageIndexnumber0Which existing page/tab to select as the active page.
allowedHostnamesstring[][]Immutable host allowlist for this CDP session.
timeoutMsnumber30000Connection timeout in milliseconds.
Response fields: sessionId, source ("cdp"), cdpEndpoint, pages (list of all open tabs), auditQuality ("sensitive").

5. browser_navigate

AttributeValue
Required scopemcp:browser
Policy modeoperate
Navigates the active page in a session to a new URL. If allowedHostnames was set on the session, the target URL is checked before navigation begins. Out-of-scope popup pages opened during navigation are automatically closed. Parameters
ParameterTypeDefaultDescription
sessionIdstring (UUID)(required)Target session.
urlstring (URL)(required)URL to navigate to.
waitUntil"commit" | "domcontentloaded" | "load" | "networkidle""domcontentloaded"When to consider navigation complete.
allowNonHttpbooleanfalseAllow non-http/https URLs (requires confirm: true).
confirmbooleanfalseRequired for non-http URLs or CDP session navigations.
timeoutMsnumber30000Navigation timeout in milliseconds.

6. browser_page_list

AttributeValue
Required scopemcp:browser
Policy modeobserve
Lists all open pages (tabs) in a browser session. Each entry includes the page index, URL, title, whether it is the currently active page, and whether it is outside the session’s allowedHostnames. Parameters
ParameterTypeDefaultDescription
sessionIdstring (UUID)(required)Target session.
rawbooleanfalseReturn unredacted URLs and titles (requires confirm: true).
confirmbooleanfalseRequired when raw: true.

7. browser_page_select

AttributeValue
Required scopemcp:browser
Policy modeoperate
Makes a different page the active page in the session. Use the pageIndex from browser_page_list. If the target page’s URL is outside the session’s allowedHostnames, the selection is rejected (and the page is closed). Parameters
ParameterTypeDescription
sessionIdstring (UUID)Target session.
pageIndexnumberZero-based page index from browser_page_list.

8. browser_snapshot

AttributeValue
Required scopemcp:browser
Policy modeobserve
Preferred structured read of a web page. Returns an ARIA accessibility tree snapshot of the current page, optimized for AI consumption. Use this before performing element interactions and prefer it over screenshots unless you specifically need to inspect pixels or visual layout. Parameters
ParameterTypeDefaultDescription
sessionIdstring (UUID)(required)Target session.
depthnumber8Maximum ARIA tree depth (max 20).
boxesbooleanfalseInclude bounding boxes for each ARIA node.
maxBytesnumberTruncate snapshot output to this many bytes.
rawbooleanfalseReturn unredacted snapshot content (requires confirm: true).
confirmbooleanfalseRequired when raw: true.
Response fields: ariaSnapshot, url, title, truncated, sourceTrust ("untrusted_external_content"), instructionSafety.

9. browser_wait

AttributeValue
Required scopemcp:browser
Policy modediagnose
Waits for a condition in the current page before proceeding. You can wait for a fixed time, a CSS selector to appear, a load state, or the URL to contain a specific string. Parameters
ParameterTypeDefaultDescription
sessionIdstring (UUID)(required)Target session.
waitMsnumberWait a fixed number of milliseconds (max 60,000).
loadState"domcontentloaded" | "load" | "networkidle"Wait for a Playwright load state.
selectorstringWait until a CSS selector is visible.
urlIncludesstringWait until the page URL contains this string.
timeoutMsnumber30000Maximum time to wait in milliseconds.

Interaction tools

10. browser_click

AttributeValue
Required scopemcp:browser
Policy modeoperate
Clicks an element identified by CSS selector or an ARIA snapshot ariaRef. Prefer ariaRef from browser_snapshot when available — it is more stable than CSS selectors. On CDP sessions, requires confirm: true. Parameters
ParameterTypeDefaultDescription
sessionIdstring (UUID)(required)Target session.
selectorstringCSS selector for the target element.
ariaRefstringARIA ref from browser_snapshot (preferred over selector).
purposestring(required)Short description of why this click is being performed.
targetDescriptionstring(required)Human-readable description of the element being clicked.
expectedNavigationOrMutationstringExpected page change or no-op following the click.
confirmbooleanfalseRequired for CDP sessions.
timeoutMsnumber30000Element wait timeout.

11. browser_fill

AttributeValue
Required scopemcp:browser
Policy modeoperate
Fills an input, textarea, or other editable element by replacing its entire value. Prefer this over browser_type when you want to set a complete value rather than type character by character. Parameters
ParameterTypeDescription
sessionIdstringTarget session.
valuestringText value to fill. Logged as [REDACTED] with length in journal.
selectorstringCSS selector.
ariaRefstringARIA ref from browser_snapshot (preferred).
purposestringShort operational purpose.
targetDescriptionstringHuman-readable target description.
expectedNavigationOrMutationstringExpected outcome.
confirmbooleanRequired for CDP sessions.
timeoutMsnumberElement wait timeout.

12. browser_type

AttributeValue
Required scopemcp:browser
Policy modeoperate
Types text into an element character by character, simulating real keystroke events. Use browser_fill to replace an input value; use browser_type when the application responds to individual keystrokes (e.g. autocomplete fields). Parameters
ParameterTypeDefaultDescription
sessionIdstring(required)Target session.
textstring(required)Text to type character by character.
selectorstringCSS selector.
ariaRefstringARIA ref (preferred).
delayMsnumber0Delay between keystrokes in milliseconds (0–1000).
purposestring(required)Short operational purpose.
targetDescriptionstring(required)Human-readable target description.
expectedNavigationOrMutationstringExpected outcome.
confirmbooleanfalseRequired for CDP sessions.
timeoutMsnumber30000Element wait timeout.

13. browser_press_key

AttributeValue
Required scopemcp:browser
Policy modeoperate
Presses a keyboard key in the active page. Use Playwright key names such as "Enter", "Escape", "Tab", "ArrowDown", or "F5". Prefer browser_click, browser_fill, or browser_type for semantic interactions when possible. Parameters
ParameterTypeDescription
sessionIdstringTarget session.
keystringPlaywright key name (e.g. "Enter", "Escape").
purposestringShort operational purpose.
targetDescriptionstringHuman-readable description.
expectedNavigationOrMutationstringExpected outcome.
confirmbooleanRequired for CDP sessions.
timeoutMsnumberTimeout for the key press.

Inspection tools

14. browser_screenshot

AttributeValue
Required scopemcp:browser
Policy modediagnose
Risk tagsbrowser-content, secret-read, screenshot
Captures a PNG screenshot of the current browser page and saves it to disk. Prefer browser_snapshot for DOM and ARIA understanding; use this tool when you need to inspect visual layout, rendering, or pixel-level details. Screenshots are stored in the server’s data directory and rotated based on the browser screenshot file limit. Parameters
ParameterTypeDefaultDescription
sessionIdstring(required)Target session.
fullPagebooleanfalseCapture the full scrollable page instead of just the visible viewport.
includeImageBase64booleanfalseInclude the PNG as a base64 string in the response (subject to output size limits).
Response fields: path, screenshotId, hash, size, sessionId, url, title, sourceTrust ("untrusted_external_content"), imageBase64?.

15. browser_console

AttributeValue
Required scopemcp:browser
Policy modeobserve
Returns recent console messages captured for a browser session since it was created or last used. URLs and sensitive-looking values in log text are redacted by default. Parameters
ParameterTypeDefaultDescription
sessionIdstring(required)Target session.
limitnumber100Maximum number of most-recent entries to return (max 500).
maxBytesnumberTruncate output to this byte budget.
rawbooleanfalseReturn unredacted log text (requires confirm: true).
confirmbooleanfalseRequired when raw: true.
Response fields: entries (array of { type, text, location?, timestamp, textTruncated? }), truncated, totalBytes, sourceTrust.

16. browser_network

AttributeValue
Required scopemcp:browser
Policy modeobserve
Returns recent network response and request-failure events captured for a browser session. URLs containing auth parameters, tokens, and credentials are redacted by default. Parameters
ParameterTypeDefaultDescription
sessionIdstring(required)Target session.
limitnumber100Maximum number of most-recent entries (max 500).
maxBytesnumberTruncate output to this byte budget.
rawbooleanfalseReturn unredacted URLs (requires confirm: true).
confirmbooleanfalseRequired when raw: true.
Response fields: entries (array of { type, method, url, status?, error?, timestamp }), truncated, totalBytes, sourceTrust.

CDP attach warning

browser_cdp_connect can interact with a browser that is already logged in to banking, email, cloud consoles, and other sensitive services. It can read page contents, fill forms, and click buttons on those pages using your existing session cookies — without you entering any credentials. Avoid attaching to a primary browser profile. Use a dedicated, isolated profile for MCP browser work whenever possible.
ChatGPT’s own safety layer may refuse to execute browser actions on authenticated sites regardless of server-side configuration. The allowedHostnames allowlist on a session is an additional server-side control, but it does not substitute for reviewing what the model is being asked to do.

See also

  • Security Boundaries — how scope enforcement, allowlists, and audit trails limit browser tool blast radius

Build docs developers (and LLMs) love