CloakBrowser MCP is a Python MCP server that lets agents control a CloakBrowser-backed browser from Linux servers, CI jobs, and other environments where a normal desktop browser is not available.
It is designed for three runtime modes:
- headless Linux browsing with no
$DISPLAY - virtual-display browsing through Xvfb when headed browser behavior is needed
- CDP connection to an existing CloakBrowser or Chromium-compatible endpoint
The server exposes browser automation tools over MCP stdio, so clients such as Claude Code can start a session, navigate, inspect pages, interact with forms, manage cookies/storage, and work with multiple tabs.
This project is an MCP wrapper and agent-facing extension built on top of CloakHQ/CloakBrowser. CloakBrowser provides the underlying browser launch and anti-detection automation layer; this repository adds the MCP server, tool schema, session lifecycle, Linux headless/virtual-display deployment flow, tests, and agent-oriented documentation around it.
- 28 MCP tools for browser sessions, page interaction, cookies, storage state, and multi-page workflows.
- Works in headless Linux environments by default.
- Optional Xvfb support for virtual display sessions.
- Optional CDP backend for connecting to an existing browser service.
- CloakBrowser launch options for user agent, viewport, proxy, locale, timezone, geolocation, humanization, extensions, headers, permissions, and persistent profile/state.
- iframe-aware select support through
browser_select_option(..., frame_selector="iframe#..."). uv-managed local development and deployment.
- Python 3.11 or newer
uv- Linux, macOS, or another platform supported by the Python dependencies
- For virtual display mode on Linux:
Xvfb
Install uv if needed:
curl -LsSf https://astral.sh/uv/install.sh | shFor virtual display mode on Debian/Ubuntu:
sudo apt-get update
sudo apt-get install -y xvfbIf the runtime does not already have browser binaries available, install the Playwright Chromium browser used by the underlying stack:
uv run python -m playwright install chromiumClone the repository and create an isolated uv environment:
git clone https://github.com/SJF-ECNU/CloakBrowserMCP.git
cd CloakBrowserMCP
uv sync --extra dev --no-editableThe project depends on:
cloakbrowser>=0.4,<1mcp[cli]>=1.28,<2pyvirtualdisplay>=3,<4
After changing source code, rebuild the installed package used by MCP clients:
uv sync --extra dev --no-editable --reinstall-package cloakbrowser-mcpStart the stdio MCP server:
uv run --no-editable cloakbrowser-mcpThe process communicates over stdio. It is normally launched by an MCP client rather than run manually in a terminal.
From the repository root, register the server:
claude mcp add --scope user cloakbrowser -- \
uv --project "$PWD" run --no-editable cloakbrowser-mcpThen restart Claude Code or reconnect MCP servers. Run /mcp in Claude Code and
confirm that cloakbrowser is connected.
If you edit the server code, reinstall the package and reconnect Claude Code:
uv sync --extra dev --no-editable --reinstall-package cloakbrowser-mcpClaude Code may cache MCP tool schemas for the lifetime of a connection, so a restart/reconnect is recommended after tool signature changes.
For clients that read JSON MCP configuration, use an entry like this:
{
"mcpServers": {
"cloakbrowser": {
"command": "uv",
"args": [
"--project",
"/absolute/path/to/CloakBrowserMCP",
"run",
"--no-editable",
"cloakbrowser-mcp"
]
}
}
}Replace /absolute/path/to/CloakBrowserMCP with the local checkout path.
This is the default and is the best choice for Linux servers without a display:
{
"display_mode": "headless"
}Use this when a target site requires headed browser behavior. If $DISPLAY is
already set, the server uses it. Otherwise it starts Xvfb.
{
"display_mode": "virtual"
}Use CDP mode to connect to an existing browser or CloakBrowser service:
{
"backend": "cdp",
"cdp_url": "http://127.0.0.1:9222",
"fingerprint": "agent-session-1"
}You can also set a default CDP URL:
export CLOAK_MCP_DEFAULT_CDP_URL=http://127.0.0.1:9222Session tools:
browser_startbrowser_close
Page basics:
browser_navigatebrowser_clickbrowser_typebrowser_evaluatebrowser_snapshotbrowser_screenshot
Page operations:
browser_wait_for_selectorbrowser_pressbrowser_hoverbrowser_select_optionbrowser_get_textbrowser_get_attributebrowser_get_linksbrowser_scrollbrowser_reloadbrowser_go_backbrowser_go_forward
Context and page management:
browser_get_cookiesbrowser_set_cookiesbrowser_clear_cookiesbrowser_get_storage_statebrowser_save_storage_statebrowser_new_pagebrowser_list_pagesbrowser_switch_pagebrowser_close_page
{
"tool": "browser_start",
"arguments": {
"display_mode": "headless",
"viewport": {"width": 1440, "height": 900},
"locale": "en-US",
"timezone": "UTC"
}
}Then navigate:
{
"tool": "browser_navigate",
"arguments": {
"session_id": "<session_id>",
"url": "https://example.com",
"wait_until": "domcontentloaded"
}
}Use browser_snapshot for URL, title, and visible text. Use browser_get_text
for all visible text or a selector-specific text extraction:
{
"tool": "browser_get_text",
"arguments": {
"session_id": "<session_id>",
"selector": "main"
}
}{
"tool": "browser_type",
"arguments": {
"session_id": "<session_id>",
"selector": "input[name=q]",
"text": "CloakBrowser MCP"
}
}{
"tool": "browser_press",
"arguments": {
"session_id": "<session_id>",
"selector": "input[name=q]",
"key": "Enter"
}
}For a normal page-level <select>, omit frame_selector. For a select inside
an iframe, pass the iframe selector separately:
{
"tool": "browser_select_option",
"arguments": {
"session_id": "<session_id>",
"selector": "#size",
"value": "medium",
"frame_selector": "iframe#preview"
}
}Save storage state:
{
"tool": "browser_save_storage_state",
"arguments": {
"session_id": "<session_id>",
"path": "/tmp/cloak-state.json"
}
}Start a new session with that state:
{
"tool": "browser_start",
"arguments": {
"storage_state": "/tmp/cloak-state.json"
}
}For durable browser profiles, use profile_dir instead. profile_dir and
storage_state are mutually exclusive.
| Option | Type | Notes |
|---|---|---|
backend |
string | direct or cdp. Defaults to direct. |
display_mode |
string | headless, virtual, or cdp. Defaults to headless. |
headless |
bool/null | Overrides headless behavior for direct mode. |
proxy |
string/null | Proxy URL forwarded to CloakBrowser. |
locale |
string/null | Browser locale, for example en-US. |
timezone |
string/null | Browser timezone, for example UTC. |
humanize |
bool | Enables CloakBrowser humanized behavior. |
profile_dir |
string/null | Persistent profile directory. |
cdp_url |
string/null | Required for CDP mode unless env var is set. |
fingerprint |
string/null | Added to the CDP URL as a fingerprint query parameter. |
user_agent |
string/null | Custom user agent. |
viewport |
object/null | Example: {"width": 1440, "height": 900}. |
no_viewport |
bool | Sets Playwright viewport to null. |
color_scheme |
string/null | light, dark, or no-preference. |
geoip |
bool | Forwards CloakBrowser geoip option. |
stealth_args |
bool | Defaults to true. |
args |
array/null | Extra browser launch args. |
extension_paths |
array/null | Browser extension paths. |
human_preset |
string | CloakBrowser humanization preset. |
human_config |
object/null | CloakBrowser humanization config. |
storage_state |
string/object/null | Storage state path or object. |
extra_http_headers |
object/null | Extra HTTP headers. |
permissions |
array/null | Browser context permissions. |
Environment variables:
CLOAK_MCP_DEFAULT_DISPLAY_MODE: default display mode when not providedCLOAK_MCP_DEFAULT_CDP_URL: default CDP endpointCLOAK_MCP_SCREENSHOT_DIR: screenshot output directory
Install development dependencies:
uv sync --extra devRun tests against the source tree:
PYTHONPATH=src uv run pytest -qRun tests against the installed package:
uv sync --extra dev --no-editable --reinstall-package cloakbrowser-mcp
uv run --no-editable pytest -qReal browser smoke tests are opt-in:
CLOAK_MCP_RUN_SMOKE=1 uv run --no-editable pytest tests/test_smoke.py -qVirtual display smoke:
CLOAK_MCP_RUN_VIRTUAL_SMOKE=1 uv run --no-editable pytest tests/test_smoke.py -qCDP smoke:
CLOAK_MCP_SMOKE_CDP_URL=http://127.0.0.1:9222 \
uv run --no-editable pytest tests/test_smoke.py -qBrowser automation can access web pages, cookies, local files referenced by the browser profile, and authenticated sessions. Run the MCP server in an environment appropriate for the trust level of the agent and target websites.
Avoid sharing persistent profile_dir or storage_state files with untrusted
agents.
MIT. See LICENSE.