WebMCP

104 pointsposted 17 hours ago
by sanj
(github.com)

26 Comments

jasonjmcghee

16 hours ago

Surprised to see this on HN front-page.

A lot has happened since I proposed / built this.

WebMCP is being incubated in W3C / webmachinelearning, so highly recommend checking that out as it's what will turn into WebMCP being in your browser.

https://github.com/webmachinelearning/webmcp

koolala

15 hours ago

How much of this can or can't be done by a Extension or Bookmarklet running JS in a page? What is your biggest dream from standardizing this?

jasonjmcghee

14 hours ago

If there's a standard instead of needing to download the Jira mcp server, you just visit their website and all the tools are described and usable from there.

Or put differently, as a company / group / individual, instead of needing to build and distribute an mcp server and public API, you can just support WebMCP.

Another alternative is LLMs / agents operating playwright or the equivalent which will likely be less reliable and consume more tokens. (By a fair margin)

nsonha

14 hours ago

it seems like a cleaner approach to declare a handful of tools that users can approve/ask for granularily, than just say "my website can run any wacky script, here is some bookmarklet, nerds" or the very generic permission model of browser extensions

koolala

13 hours ago

Couldn't that be solved with a simple bookmarklet permission model? The script would request the same pop-up features as a website?

miguelspizza

13 hours ago

It's more providing permission granularity on the action level rather than the sandbox level. Your script might not be able to make external api calls, but there is no way to gate the ability to take destructive action within the webpage.

With something like WebMCP you get elicitation and the ability to disable tools from the client.

koolala

12 hours ago

What kind of destructive action do you mean that is so critical?

miguelspizza

12 hours ago

WebMCP essentially turns your website into an MCP server. Which means it is kind of like building a UI for the LLM that lives alongside the human UI.

It's also a contract for how LLM's interact with a website, they can do no more than the tools allow them to do. When you are running javascript on the page, the entire website is an attack surface.

Let's take gmail, for example. There is no way to protect your webpage from an agent running a script that sends an email by triggering the send email button. But with WebMCP, you can explicitly disable the "send_email" tool when the agent interacts with gmail.

koolala

11 hours ago

That sounds nice. That makes the WebMCP both capabilities and permissions.

socketcluster

an hour ago

My understanding is that this is essentially a hub for MCP servers?

The current and potential benefits are:

- Consistent authentication mechanism for all tools.

- Ease of tool registration/deregistration.

- Tool discovery.

Main drawbacks are:

- Trusting WebMCP npm package to run on your users' computers.

- Trusting WebMCP with access to your site or platform's functionality. Kind of like OAuth?

Does this sound right? Any other pros and cons versus integrating MCP server directly with specific LLMs?

jasonjmcghee

25 minutes ago

That's not how I'd describe it- it's not meant to centralize servers, it's the idea: maybe you don't need to build and distribute a separate downloadable thing for users to interact with your service/product/whatever via agent, and instead they continue to use your website via an appropriate interface for agents.

(Here's another comment with an explanation https://news.ycombinator.com/item?id=45623782)

The npm package is only there as the browser doesn't natively support the behavior (yet). Similarly MCP clients don't have built in support. So it's a bridge/proxy to demonstrate what could be done.

mrasong

10 hours ago

Tried Claude’s Chrome control feature before, it totally blew my mind.

Didn’t expect WebMCP to let you build custom MCP clients too. That’s actually way more flexible!

tobyjsullivan

16 hours ago

I had to skim through this a couple times before I realized that I still need to run an MCP server locally. This is basically a proxy between an LLM and the proposed protocol.

It’s a nice proof of concept.

And makes sense that the goal would be for LLM clients to adopt and support the standard natively. Then the proxy won’t be necessary.

koolala

15 hours ago

ChatGPT couldn't websocket connect to it directly in your browser?

saberience

5 hours ago

This seems like a security nightmare, a way to inject insecure content onto everyone's PC which can then automate actions executed with full user/admin privileges?

Why on Earth would I want this?

jasonjmcghee

14 minutes ago

Entirely executing within the browser sandbox is one way to mitigate this. And that is the current scope of the official w3c proposal for this.

https://github.com/webmachinelearning/webmcp

I attempted to acknowledge the security implications and am not trying to push this as a product/service - this was just a proposal.

Despite it being a proposal, I added token based authentication to mitigate potential abuse by forcing users to intentionally authenticate with a website before it can be used.

dogma1138

12 hours ago

Sitemap.xml is back.

pjmlp

9 hours ago

Never went away, we always have to deliver it somehow on our projects.

westurner

16 hours ago

W3C specs are written with respec: ReSpec docs: https://respec.org/docs/#w3c-documents

W3C Process document > 3.4. Chartered Groups: Working Groups and Interest Groups: https://www.w3.org/policies/process/#GAGeneral

There's WebGPU, WebNN, window.ai, Prompt API, Summarizer API, Writer API, Rewriter API, Language Detector API, Translator API ; and now WebMCP

WebNN: https://www.w3.org/TR/webnn/

webmachinelearning/prompt-api > "Explainer for the Prompt API": https://github.com/webmachinelearning/prompt-api

https://developer.chrome.com/docs/ai/built-in :

> Standardization effort: We're working to standardize all of these APIs for cross-browser compatibility.

> The Language Detector API and Translator API have been adopted by the W3C WebML Working Group. We've asked Mozilla and WebKit for their standards positions.

> The Summarizer API, Writer API, and Rewriter API have also been adopted by the W3C WebML Working Group. We've asked asked Mozilla and WebKit for their standards positions.

webmachinelearning/webmcp: https://github.com/webmachinelearning/webmcp

jasonjmcghee/WebMCP: https://github.com/jasonjmcghee/WebMCP

Having worked on at least one web app with a name that started with "Web", I'm not surprised.

/? mcp chrome: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu... :

- "Show HN: We packaged an MCP server inside Chromium" (today) https://news.ycombinator.com/item?id=45618536 re: browseros-mcp: https://github.com/browseros-ai/BrowserOS/blob/main/docs/bro...

- "Chrome DevTools (MCP) for your AI agent" https://developer.chrome.com/blog/chrome-devtools-mcp .. https://news.ycombinator.com/item?id=45412734 (September 2025) .. :

> We're launching today a public preview for the new Chrome DevTools Model Context Protocol (MCP) server, bringing the power of Chrome DevTools to AI coding assistants.

> Coding agents face a fundamental problem: they are not able to see what the code they generate actually does when it runs in the browser. They're effectively programming with a blindfold on.

> The Chrome DevTools MCP server changes this. AI coding assistants are able to debug web pages directly in Chrome, and benefit from DevTools debugging capabilities and performance insights. This improves their accuracy when identifying and fixing issues.

How could the Chrome DevTools MCP be integrated with the Gemini Computer Use model?

From https://news.ycombinator.com/item?id=45543923 :

> Competency Story: The customer and product owner can write BDD tests in order to validate the app against the requirements

> Prompt: Write playwright tests for #token_reference, that run a named factored-out login sequence, and then test as human user would that: when you click on Home that it navigates to / (given browser MCP and recently the Gemini 2.5 Computer Operator model)

"Introducing the Gemini 2.5 Computer Use model" (October 2025) https://blog.google/technology/google-deepmind/gemini-comput...

Could this help with accessibility reviews?

"Lighthouse accessibility score" https://developer.chrome.com/docs/lighthouse/accessibility/s...

awesome-a11y > Tools: https://github.com/brunopulis/awesome-a11y/blob/main/topics/...

ocdtrekkie

13 hours ago

This explains all the new random GPO settings I had to go disable at the office this week! (A lot of users are reporting performance issues with browsers, seems like all the browsers are adding AI things... seems like a good place to start.)

westurner

3 hours ago

This is as bad or worse than agreeing to voice search with them.

Hadn't realized we've all been opted-in.

My voice assistant used to be able to create a reminder without siphoning everything out to "must be reviewed because it's AI" remote AI.

Is it possible to use non-AI voice search on YouTube (with GoogleTV) without signing one's life away?

Try voice searching for "weather in [city]" with YT on GTV: it launches another (Google) app instead of just adding text to the search field.

When they asked for suggestions for OpenAI's fork of Chromium, I suggested adding fuzzy and regex search in a drawer and sending it upstream; like vimgrep for Chromium. That would help solve for Search, like the original mission of the company.

sublinear

13 hours ago

From https://modelcontextprotocol.io/docs/getting-started/intro

> What can MCP enable? 1) Agents can access your Google Calendar and Notion, acting as a more personalized AI assistant. 2) Claude Code can generate an entire web app using a Figma design. 3) Enterprise chatbots can connect to multiple databases across an organization, empowering users to analyze data using chat. 4) AI models can create 3D designs on Blender and print them out using a 3D printer.

Sure 1 and 3 make sense if they mean "summarize" and not "analyze", 4 maybe, but 2... Oh I don't know where to begin other than to say that even really smart humans have a very hard time dealing with that task based on a figma doc. Wouldn't it make more sense to generate the figma doc if they're already that awful to begin with?

brazukadev

4 hours ago

Why would I use that in place of asking the model to use an API? /s