
Posted by xnx 9 hours ago

Chrome DevTools MCP (developer.chrome.com)
377 points | 160 comments | page 4
holoduke 5 hours ago|
One tip for the illegal scrapers or automators out there. CasperJS and PhantomJS are still working very well for anti bot detection. These are very old libs no longer maintained. But I can even scrape and authenticate at my banks.
Yokohiii 8 hours ago||
Was already eye rolling about the headline. Then I realized it's from Chrome.

Hoping for some good stories from open claw users that permanently run debug sessions.

David-Brug-Ai 8 hours ago||
This is the exact problem that pushed me to build a security proxy for MCP tool calls. The permission model in most MCP setups is basically binary: either the agent can use the tool or it can't. There's nothing watching what it does with that access once it's granted.

The approach I landed on was a deterministic enforcement pipeline that sits between the agent and the MCP server, so every tool call gets checked for things like SSRF (DNS resolve + private IP blocking), credential leakage in outbound params, and path traversal, before the call hits the real server. No LLM in that path, just pattern matching and policy rules, so it adds single-digit ms overhead.

The DevTools case is interesting because the attack surface is the page content itself. A crafted page could inject tool calls via prompt injection. Having the proxy there means even if the agent gets tricked, the exfiltration attempt gets caught at the egress layer.

rob 8 hours ago||
Someone left their bot on default settings.
Bengalilol 6 hours ago||
The other reply to this 'bot' looks like another default thing: <https://news.ycombinator.com/threads?id=David-Brug-Ai>
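
A sketch of the kind of deterministic pre-forwarding check the David-Brug-Ai comment above describes (DNS resolve plus private-IP blocking, credential patterns in outbound params, path traversal). It is an added example, not code from that commenter's proxy or from Chrome DevTools MCP; `check_tool_call`, `ALLOWED_ROOT`, the `path`/`file` parameter names, the two secret patterns and the `SAMPLE_DNS` table are assumptions.

```python
import ipaddress, posixpath, re, socket
from urllib.parse import urlsplit

ALLOWED_ROOT = "/srv/agent-workspace"  # hypothetical sandbox root
SECRET_PATTERNS = {  # illustrative, not exhaustive
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
# Constructed DNS answers so the example runs offline.
SAMPLE_DNS = {"example.com": ["93.184.216.34"],
              "rebind.test": ["93.184.216.34", "10.0.0.5"]}

def system_resolver(host):
    return sorted({ai[4][0] for ai in socket.getaddrinfo(host, None)})

def is_public(addr):
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop IPv6 zone id
    if ip.version == 6 and ip.ipv4_mapped:  # ::ffff:10.0.0.1 style
        ip = ip.ipv4_mapped
    return ip.is_global

def check_url(value, resolver):
    parts = urlsplit(value)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return ["url: scheme or host not allowed"]
    try:
        addrs = resolver(parts.hostname)
    except OSError:
        addrs = []
    if not addrs:
        return ["url: host did not resolve"]
    # Every answer is checked: one non-public address is enough to block.
    return [f"ssrf: {parts.hostname} -> {a}" for a in addrs if not is_public(a)]

def check_path(value):
    # Lexical check only; symlinks inside the root are not followed here.
    full = posixpath.normpath(posixpath.join(ALLOWED_ROOT, value))
    inside = full == ALLOWED_ROOT or full.startswith(ALLOWED_ROOT + "/")
    return [] if inside else [f"path: {value!r} escapes {ALLOWED_ROOT}"]

def check_tool_call(params, resolver=system_resolver):
    """Return policy violations; an empty list means forward the call."""
    findings = []
    for key, value in params.items():
        if not isinstance(value, str):
            continue
        if "://" in value:
            findings += check_url(value, resolver)
        elif key in ("path", "file"):
            findings += check_path(value)
        findings += [f"secret: {n} in {key!r}"
                     for n, rx in SECRET_PATTERNS.items() if rx.search(value)]
    return findings
```

The address check only holds if the forwarded request connects to the address that was checked; if the downstream server resolves the name again, it can receive a different answer.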