74
/ 100
7 days ago
glama

mcp-zen

Lets MCP clients control a live Zen/Firefox browser to navigate, click, fill forms, screenshot, and execute JavaScript through a persistent server and browser extension.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 1 credential: EXTENSION_SECRET
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configCONTAINERIZED
configEXTENSION_PORTsets MCP_HTTP_PORT (default 8791) alongside (default
🔐 secretEXTENSION_SECRETedit .env, paste the secret from the options page as
configMCP_HTTP_PORTsets (default 8791) alongside EXTENSION_PORT (default
configMCP_ZEN_LOCK
configMCP_ZEN_URL
configXDG_RUNTIME_DIR
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 6 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/mikesmullin-mcp-zen-1lmzfo)](https://m8ven.ai/mcp/mikesmullin-mcp-zen-1lmzfo)
commit: e6c969787522c89ec160a55e08e5702162ea3f47
code hash: 04238be7adb7969c76bad699b9858d137ec46be694812821e8903a21866da683
verified: 7/6/2026, 10:31:33 AM
view raw JSON →