new_tab

Open a new tab, optionally navigating to a URL

Server Chrome Profile MCP Server nghiahsgs/vibe-mcp-chrome
Category Execute
Risk class High
Parameters 00 required

What new_tab does on Chrome Profile MCP Server

AI agents invoke new_tab to trigger actions in Chrome Profile MCP Server. What it does depends on the arguments the agent supplies, and its effects often reach beyond the immediate call — builds kicked off, notifications sent, workflows started.

Why new_tab needs a policy

While opening a tab alone might seem Write-like, the capability to navigate to arbitrary URLs transforms this into Execute category. An AI agent could be manipulated into opening malicious URLs, performing unauthorized navigation, or triggering unwanted page loads with side effects (credential harvesting, malware download, XSS exploitation via crafted URLs).

From the tool's definition Tool enables opening a new tab and optionally navigating to a URL via Chrome DevTools Protocol. The sibling tools (click, evaluate_js, navigate, press_key) indicate this server performs browser automation—runtime control of a real Chrome instance.

Questions about new_tab

What does the new_tab tool do? +

Open a new tab, optionally navigating to a URL. It is categorised as a Execute tool in the Chrome Profile MCP Server MCP Server, which means it can trigger actions or run processes. Use rate limits and argument validation.

How do I enforce a policy on new_tab? +

Register the Chrome Profile MCP Server MCP server in PolicyLayer and add a rule for new_tab: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Chrome Profile MCP Server. Nothing to install.

What risk level is new_tab? +

new_tab is a Execute tool with high risk. Execute tools should be rate-limited and have argument validation enabled.

Can I rate-limit new_tab? +

Yes. Add a rate_limit block to the new_tab rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.

How do I block new_tab completely? +

Set action: deny in the PolicyLayer policy for new_tab. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.

What MCP server provides new_tab? +

new_tab is provided by the Chrome Profile MCP Server MCP server (nghiahsgs/vibe-mcp-chrome). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.

// LOOK UP ANOTHER SERVER

Every MCP server has a record like this.

Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.

Teams ship this data inside their own products. See what a licence covers →

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.