Chrome Devtools

49 tools. 34 can modify or destroy data without limits.

1 destructive tool with no built-in limits. Policy required.

Last updated:

34 can modify or destroy data
15 read-only
49 tools total

Community server · catalogue entry verified 02/07/2026

How to control Chrome Devtools ↓

What Chrome Devtools exposes to your agents

Read (15) Write / Execute (33) Destructive / Financial (1)
Critical Risk

The most dangerous Chrome Devtools tools

34 of Chrome Devtools's 49 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Chrome Devtools

PolicyLayer is an MCP gateway — it sits between your AI agents and Chrome Devtools, and nothing reaches the server without passing your rules. These are the rules we recommend:

Deny destructive operations
{
  "uninstall_extension": {
    "deny_if": [
      {
        "conditions": [],
        "on_deny": "Blocked by default. Requires approval."
      }
    ]
  }
}

Destructive tools should never be available to autonomous agents without human approval.

Rate limit write operations
{
  "close_page": {
    "limits": [
      {
        "counter": "close_page_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_console_message": {
    "limits": [
      {
        "counter": "get_console_message_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Chrome Devtools — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON CHROME DEVTOOLS →

Instant setup, no code required.

All 49 Chrome Devtools tools

EXECUTE 31 tools
Execute capture_singlefile Capture the selected page URL as a self-contained SingleFile HTML artifact using the active Chrome DevTools br Execute clear_highlight_and_stop_recording Best-effort clear active highlight, then stop and finalize the active recording. Execute click Clicks on the provided element Execute click_at Clicks at the provided coordinates Execute drag Drag an element onto another element Execute emulate Emulates various features on the selected page. Execute evaluate Evaluates a JavaScript script Execute evaluate_script Evaluate a JavaScript function inside the currently selected page. Returns the response as JSON, so returned v Execute execute_in_page_tool Executes a tool exposed by the page. Execute execute_webmcp_tool Executes a WebMCP tool exposed by the page. Execute fill Type text into an input, text area or select an option from a <select> element. Execute fill_form Fill out multiple form elements at once Execute handle_dialog If a browser dialog was opened, use this command to handle it Execute hover Hover over the provided element Execute install_extension Installs a Chrome extension from the given path. Execute lighthouse_audit Get Lighthouse score and reports for accessibility, SEO and best practices. This excludes performance. For per Execute navigate Loads a URL Execute navigate_page Go to a URL, or back, forward, or reload. Use project URL if not specified otherwise. Execute new_page Open a new tab and load a URL. Use project URL if not specified otherwise. Execute performance_start_trace Start a performance trace on the selected webpage. Use to find frontend performance issues, Core Web Vitals (L Execute performance_stop_trace Stop the active performance trace recording on the selected webpage. Execute press_key Press a key or key combination. Use this when other input methods like fill() cannot be used (e.g., keyboard s Execute reload_extension Reloads an unpacked Chrome extension by its ID. Execute resize_page Resizes the selected page Execute screencast_start Starts recording a screencast (video) of the selected page in mp4 format. Execute screencast_stop Stops the active screencast recording on the selected page. Execute start_recording_and_highlight Start screen recording and apply a deterministic highlight to a target uid on the selected page. Execute trigger_extension_action Triggers an action in a Chrome extension. Execute type_text Type text using keyboard into a previously focused input Execute upload_file Upload a file through a provided element. Execute wait_for Wait for the specified text to appear on the selected page.
READ 15 tools

Related servers

Other MCP servers with similar tools — same risk classification, starter policies for each.

Questions about Chrome Devtools

Can an AI agent delete data through the Chrome Devtools MCP server? +

Yes. The Chrome Devtools server exposes 1 destructive tools including uninstall_extension. These permanently remove resources with no undo. PolicyLayer blocks destructive tools by default so they never reach the upstream server.

How do I prevent bulk modifications through Chrome Devtools? +

The Chrome Devtools server has 2 write tools including close_page, select_page. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Chrome Devtools.

How many tools does the Chrome Devtools MCP server expose? +

49 tools across 4 categories: Destructive, Execute, Read, Write. 15 are read-only. 34 can modify, create, or delete data.

How do I enforce a policy on Chrome Devtools? +

Register the Chrome Devtools MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Chrome Devtools tool call.

Deterministic rules across all 49 Chrome Devtools tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

49 Chrome Devtools tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.