MCP server

A real browser for your agent, over MCP.

Point your agent at the Legba MCP server. It spawns a real Chromium browser on a fresh residential IP, does the work, and burns on close. Spawn a session, navigate, extract. No orchestration code.

This is Legba the disposable browser, not the open-source legba brute-force tool.

Read the docs Get started

What it does

The browser, as MCP tools.

The server exposes session creation, navigation, and extraction as MCP tools. Your agent calls them like any other tool. One config block, no orchestration code, no headless rig to maintain.

SPAWN

Sessions on demand

The agent spawns a fresh browser per task. Real IP, fresh fingerprint, scoped reach.

DRIVE

Navigate and act

Navigate, click, type, and submit. The session runs a real page, not a scraper.

EXTRACT

Read the result

Pull text, links, or a scoped selection. Then destroy the session and leave no trail.

Client setup

Add it to your client.

Paste the snippet into your client config. Swap in your API key and restart the client. The same npx -y legba-browser-mcp command runs everywhere.

Claude Desktop

Settings, then Developer, then Edit Config.

claude_desktop_config.jsonjson

{
  "mcpServers": {
    "legba": {
      "command": "npx",
      "args": ["-y", "legba-browser-mcp"],
      "env": {
        "LEGBA_API_KEY": "lgb_your_api_key"
      }
    }
  }
}

Claude Code

Or run: claude mcp add legba.

.mcp.jsonjson

{
  "mcpServers": {
    "legba": {
      "command": "npx",
      "args": ["-y", "legba-browser-mcp"],
      "env": {
        "LEGBA_API_KEY": "lgb_your_api_key"
      }
    }
  }
}

Cursor

Settings, then MCP, then Add new server.

.cursor/mcp.jsonjson

{
  "mcpServers": {
    "legba": {
      "command": "npx",
      "args": ["-y", "legba-browser-mcp"],
      "env": {
        "LEGBA_API_KEY": "lgb_your_api_key"
      }
    }
  }
}

Windsurf

Settings, then Cascade, then MCP servers.

~/.codeium/windsurf/mcp_config.jsonjson

{
  "mcpServers": {
    "legba": {
      "command": "npx",
      "args": ["-y", "legba-browser-mcp"],
      "env": {
        "LEGBA_API_KEY": "lgb_your_api_key"
      }
    }
  }
}

Get your API key from the dashboard. Keep it in the env block, not in source control.

The tools

Six tools. One lifecycle.

The server exposes the session lifecycle as a small set of tools. Spawn one, drive it, read it, destroy it.

session.spawn(region?, ttl?)
Boot a fresh browser. Real residential IP, fresh fingerprint. Returns a session id.
navigate(session, url)
Drive the session to a URL. The page loads in a real Chromium tab.
extract(session, selector?)
Read the rendered page. Get text, links, or a scoped selection back.
act(session, instruction)
Click, type, and submit. The agent describes the step in plain words.
screenshot(session)
Capture the live viewport. Returns an image of what the session sees.
session.destroy(session)
Burn it. Cookies, storage, tokens, and fingerprint go with it.

cookie preferences

we value your privacy. accept all cookies?

acceptaccept1,438 partners

verify you are humanattempt 7 of 7humancheck

expires in 00:58privacy · terms

data exposedper session

typical · 2.4 mblegba · 0 b

trackers · live view2 active

you?

tracker_1

tracker_2

selection: emptymatch 0.0%

legba · sessionLIVE

> spawn session

fprotated · fresh

ipresidential · fra

tracenone · 0 bytes

> burn on close

uptime 00:12trace none

gated.example.com

403

access denied

automated traffic detected · ref 8841

200

access granted

via legba session · ref 8841

Access anything.
Expose nothing.

Legba is a disposable real browser: it spawns a clean session, does the work, and destroys itself on close.

Get started

Read the docs

chromium / real fingerprint · residential ip · burn on close

Chrome Plugin

OpenClaw

Adversary