Clean
github · 45 files analyzed
browserbase/mcp-server-browserbase
No risky behavior detected.
Environment variables (config / keys) 5
Filesystem writes 1
AI review
No prompt injection, hidden instructions, or data exfiltration mechanisms found. The extension reads environment variables for legitimate API keys (Browserbase, Gemini) used solely for its stated purpose of cloud browser automation via Stagehand. All file operations are limited to cleanup of temporary evaluation files.
- low Environment variable access is legitimate — The code reads BROWSERBASE_API_KEY, BROWSERBASE_PROJECT_ID, and GEMINI_API_KEY from environment variables. These are standard API credentials required for the extension's core functionality (Browserbase session management and Stagehand AI browser automation). No code exfiltrates these values to external endpoints.
- low File deletion in evals is safe — The eval script deletes temporary workflow files after evaluation. This is standard cleanup behavior and does not affect user data or system files.
Model: deepseek-chat
Static findings
Environment variables (config / keys) · Reads environment variables (config / API keys)
low
evals/run-evals.ts:88
const missingVars = requiredEnvVars.filter((v) => !process.env[v]);
low
src/config.ts:24
browserbaseApiKey: process.env.BROWSERBASE_API_KEY ?? "",
low
src/sessionManager.ts:27
process.env.GEMINI_API_KEY ||
low
src/transport.ts:19
process.env.GEMINI_API_KEY ||
info
tests/smoke.test.ts:20
...process.env,
Filesystem writes · Reads or writes the filesystem
low
evals/run-evals.ts:238
await Promise.all(workflowFiles.map((f) => fs.unlink(f)));
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.