How to use Claude Code with SafeCoBrowser
SafeCoBrowser is an open-source AI co-browsing browser for macOS that lets you bring Claude Code, Codex, or any MCP agent into your logged-in browser — only when you allow it, per tab, with an instant kill switch and a full audit log.
1. Install SafeCoBrowser
Download SafeCoBrowser for macOS, unzip, and launch it. It runs as its own isolated browser — log into the sites you want to work with, just like Chrome.
2. Connect Claude Code over MCP
SafeCoBrowser runs a local MCP server. Add it to Claude Code:
claude mcp add --transport http safecobrowser \
http://127.0.0.1:8676/mcp \
--header "Authorization: Bearer <token>"The bearer token is written to ~/.safecobrowser/endpoint.json when the app launches.
3. Grant a tab
By default Claude Code sees nothing. On the tab you want help with, pick a permission mode in the toolbar (Read, Inspect, Assist, or Developer). The agent now sees only that tab, only from that point forward.
- Off — the default; the agent sees nothing.
- Read — read the page: URL, text, links, screenshots.
- Inspect — inspect elements, read the console and network.
- Assist — click and fill, each action behind your approval.
- Developer — run JavaScript in the page, always approved.
4. Work — and stay in control
Ask Claude Code to read the page, compare data, fill a form, or run a script. Each action appears as an approval card. Hit Stop AI at any time to revoke access instantly. Everything is written to the audit log.
FAQ
- Can Claude Code control SafeCoBrowser?
- Yes — once you connect it over MCP and grant a permission mode for a tab. Claude Code can read, inspect, click, fill, and (in Developer mode) run JavaScript, each behind your approval.
- Does Claude Code see my other tabs?
- No. Permission is per tab. Granting one tab never exposes the others, and never exposes what happened before you enabled it.
- How do I stop the agent?
- Press "Stop AI". It bumps a session epoch checked at execution time, so in-flight and future calls fail closed immediately.