Twenty-three browser tools discovered
The server exposed navigation, snapshot, click, typing, form, screenshot, tab, console, network, and code execution tools.
evidence/trust5/2026-06-11-mcp-pilot.json
MCP serverPublished
Playwright MCP Server
Playwright MCP passed a real MCP smoke test for browser navigation and accessibility snapshot extraction. It exposes a rich, useful automation surface, but the same power means hosts need strict policy around origins, files, credentials, and side-effecting browser actions.
Independent trust badge
The visible trust mark for this verdict.
Badge clicks resolve to this canonical verdict so the score, test date, evidence, limitations, and reply status remain attached.
Embed
Show this badge on your site
[](https://silentcritique.com/verdicts/playwright-mcp)Markdown works in GitHub READMEs. The badge always links back to this verdict.
Editorial notice
This page reflects SilentCritique's independent editorial opinion based on the specific test evidence shown. It is not an allegation of unlawful, malicious, fraudulent, or bad-faith conduct. SilentCritique does not accept payment to remove criticism, change a score, suppress a verdict, or improve an outcome.
Claim tested
Can the public Playwright MCP server navigate to a controlled page and return an accessibility snapshot through MCP?
Evaluator panel
Protocol harnessBrowser-automation reviewerSafety reviewer
Evidence reviewed
Navigation succeeded
The harness navigated to a controlled data: URL fixture titled SilentCritique Trust 5.
evidence/trust5/2026-06-11-mcp-pilot.json
Accessibility snapshot returned expected structure
The browser_snapshot call returned a main element, heading "Trust 5 fixture", and button "Ready".
evidence/trust5/2026-06-11-mcp-pilot.json
Test setup
- Started @playwright/mcp@0.0.76 over MCP stdio with --headless.
- Used the official MCP client SDK to list tools, navigate to a local data: URL fixture, and request a browser snapshot.
- Stored the full tool-call evidence in evidence/trust5/2026-06-11-mcp-pilot.json.
Strengths
- Browser navigation and accessibility introspection worked in the smoke test.
- The tool surface is broad enough for real agentic browser workflows.
- The returned snapshot is text-structured and suitable for model planning without relying on screenshots.
Failure modes
- Browser automation can create real side effects when pointed at authenticated or transactional sites.
- The tested configuration did not stress allowed-origin, blocked-origin, file-access, or credential boundaries.
- The large tool surface increases host responsibility for approval policy and audit logging.
What would improve the score
- Publish safe default configurations for origin allowlists and file access.
- Add a public smoke-test command that produces a small signed evidence artifact.
- Separate high-risk tools visually in client UIs and approval flows.
Limitations
- This was an unsolicited smoke test of the public package, not a full browser security review.
- Only a controlled data: URL page was tested.
- No login, file upload, network interception, or destructive site workflow was evaluated.
Visible dissent
- The browser-automation reviewer scored this high because the core browser loop worked and the tool surface is mature.
- The safety reviewer withheld points because browser agents need stricter host policy than a smoke test can prove.
Right of reply
No vendor reply has been requested or published as of 2026-06-11. SilentCritique will publish factual corrections or a right of reply through the corrections process.
Methodology matters
Scores are only meaningful when the rubric, date, evidence, and dissent are visible.
Read methodology