Skip to content

mcp-server-browserbase.md

Latest commit

 

History

History
129 lines (82 loc) · 3.04 KB

mcp-server-browserbase.md

File metadata and controls

129 lines (82 loc) · 3.04 KB

🟡 mcp-server-browserbase

Allow LLMs to control a browser with Browserbase and Stagehand

Field Value
Grade B
Risk Score 17
Version 3.0.0
Vendor browserbase
Stars ⭐ 3311
npm Package @browserbasehq/mcp
npm Downloads (30d) 3.7k
Language TypeScript
Source mcp-server-browserbase
Scan Date 2026-05-06
Scanner tooltrust-scanner/v0.3.9

Findings Summary

Severity Count
Critical 0
High 1
Medium 0
Low 1
Info 6

Detailed Findings

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 AS-002 — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

Scored using ToolTrust methodology · Raw JSON report