A lot has happened since I proposed / built this.
WebMCP is being incubated in W3C / webmachinelearning, so highly recommend checking that out as it's what will turn into WebMCP being in your browser.
With something like WebMCP you get elicitation and the ability to disable tools from the client.
It's also a contract for how LLM's interact with a website, they can do no more than the tools allow them to do. When you are running javascript on the page, the entire website is an attack surface.
Let's take gmail, for example. There is no way to protect your webpage from an agent running a script that sends an email by triggering the send email button. But with WebMCP, you can explicitly disable the "send_email" tool when the agent interacts with gmail.
Or put differently, as a company / group / individual, instead of needing to build and distribute an mcp server and public API, you can just support WebMCP.
Another alternative is LLMs / agents operating playwright or the equivalent which will likely be less reliable and consume more tokens. (By a fair margin)
It’s a nice proof of concept.
And makes sense that the goal would be for LLM clients to adopt and support the standard natively. Then the proxy won’t be necessary.
> What can MCP enable? 1) Agents can access your Google Calendar and Notion, acting as a more personalized AI assistant. 2) Claude Code can generate an entire web app using a Figma design. 3) Enterprise chatbots can connect to multiple databases across an organization, empowering users to analyze data using chat. 4) AI models can create 3D designs on Blender and print them out using a 3D printer.
Sure 1 and 3 make sense if they mean "summarize" and not "analyze", 4 maybe, but 2... Oh I don't know where to begin other than to say that even really smart humans have a very hard time dealing with that task based on a figma doc. Wouldn't it make more sense to generate the figma doc if they're already that awful to begin with?
If anyone wants to test out WebMCP, you can go to: https://webmcp.sh/ (this is a WebMCP server)
With the MCP-B chrome extension (this is a WebMCP client): https://chromewebstore.google.com/detail/mcp-b-extension/dao...
and use it to call WebMCP tools
Didn’t expect WebMCP to let you build custom MCP clients too. That’s actually way more flexible!
Why on Earth would I want this?
https://github.com/webmachinelearning/webmcp
I attempted to acknowledge the security implications and am not trying to push this as a product/service - this was just a proposal.
Despite it being a proposal, I added token based authentication to mitigate potential abuse by forcing users to intentionally authenticate with a website before it can be used.
The current and potential benefits are:
- Consistent authentication mechanism for all tools.
- Ease of tool registration/deregistration.
- Tool discovery.
Main drawbacks are:
- Trusting WebMCP npm package to run on your users' computers.
- Trusting WebMCP with access to your site or platform's functionality. Kind of like OAuth?
Does this sound right? Any other pros and cons versus integrating MCP server directly with specific LLMs?
(Here's another comment with an explanation https://news.ycombinator.com/item?id=45623782)
The npm package is only there as the browser doesn't natively support the behavior (yet). Similarly MCP clients don't have built in support. So it's a bridge/proxy to demonstrate what could be done.
westurner•3mo ago
W3C Process document > 3.4. Chartered Groups: Working Groups and Interest Groups: https://www.w3.org/policies/process/#GAGeneral
There's WebGPU, WebNN, window.ai, Prompt API, Summarizer API, Writer API, Rewriter API, Language Detector API, Translator API ; and now WebMCP
WebNN: https://www.w3.org/TR/webnn/
webmachinelearning/prompt-api > "Explainer for the Prompt API": https://github.com/webmachinelearning/prompt-api
https://developer.chrome.com/docs/ai/built-in :
> Standardization effort: We're working to standardize all of these APIs for cross-browser compatibility.
> The Language Detector API and Translator API have been adopted by the W3C WebML Working Group. We've asked Mozilla and WebKit for their standards positions.
> The Summarizer API, Writer API, and Rewriter API have also been adopted by the W3C WebML Working Group. We've asked asked Mozilla and WebKit for their standards positions.
webmachinelearning/webmcp: https://github.com/webmachinelearning/webmcp
jasonjmcghee/WebMCP: https://github.com/jasonjmcghee/WebMCP
Having worked on at least one web app with a name that started with "Web", I'm not surprised.
/? mcp chrome: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu... :
- "Show HN: We packaged an MCP server inside Chromium" (today) https://news.ycombinator.com/item?id=45618536 re: browseros-mcp: https://github.com/browseros-ai/BrowserOS/blob/main/docs/bro...
- "Chrome DevTools (MCP) for your AI agent" https://developer.chrome.com/blog/chrome-devtools-mcp .. https://news.ycombinator.com/item?id=45412734 (September 2025) .. :
> We're launching today a public preview for the new Chrome DevTools Model Context Protocol (MCP) server, bringing the power of Chrome DevTools to AI coding assistants.
> Coding agents face a fundamental problem: they are not able to see what the code they generate actually does when it runs in the browser. They're effectively programming with a blindfold on.
> The Chrome DevTools MCP server changes this. AI coding assistants are able to debug web pages directly in Chrome, and benefit from DevTools debugging capabilities and performance insights. This improves their accuracy when identifying and fixing issues.
How could the Chrome DevTools MCP be integrated with the Gemini Computer Use model?
From https://news.ycombinator.com/item?id=45543923 :
> Competency Story: The customer and product owner can write BDD tests in order to validate the app against the requirements
> Prompt: Write playwright tests for #token_reference, that run a named factored-out login sequence, and then test as human user would that: when you click on Home that it navigates to / (given browser MCP and recently the Gemini 2.5 Computer Operator model)
"Introducing the Gemini 2.5 Computer Use model" (October 2025) https://blog.google/technology/google-deepmind/gemini-comput...
Could this help with accessibility reviews?
"Lighthouse accessibility score" https://developer.chrome.com/docs/lighthouse/accessibility/s...
awesome-a11y > Tools: https://github.com/brunopulis/awesome-a11y/blob/main/topics/...
ocdtrekkie•3mo ago
westurner•3mo ago
Hadn't realized we've all been opted-in.
My voice assistant used to be able to create a reminder without siphoning everything out to "must be reviewed because it's AI" remote AI.
Is it possible to use non-AI voice search on YouTube (with GoogleTV) without signing one's life away?
Try voice searching for "weather in [city]" with YT on GTV: it launches another (Google) app instead of just adding text to the search field.
When they asked for suggestions for OpenAI's fork of Chromium, I suggested adding fuzzy and regex search in a drawer and sending it upstream; like vimgrep for Chromium. That would help solve for Search, like the original mission of the company.