Tap is a local MCP server that drives your own logged-in Chrome — and saves every task as a tap that replays deterministically at zero tokens.
Local-first: credentials never leave your machine. No cloud proxy, no API key inside the engine, no telemetry. Threat model →
Two actions total. The Chrome Web Store click is the trust step — you are consciously handing your agent your browser. Nothing else is manual.
That's it. The bundle installs the engine to ~/.tap/bin on first
run; the bridge registers itself; your next message to Claude can drive the browser.
brew install LeonTing1010/tap/taprun && tap embed claude-code
…or with npx (no brew): npx -y @taprun/cli embed claude-code
— the binary self-installs to ~/.tap/bin so the bridge survives version bumps.
npx -y @taprun/cli embed cursor # or: embed vscode
Prints a one-click deep link + the mcp.json snippet.
tap embed --verify walks the ladder —
stable binary → bridge manifest → extension → live socket — and names
the exact fix for the first missing rung.
For CI, headless boxes, or if you'd rather not install a browser extension.
Still 100% local — the engine launches its own Chrome with a persistent profile
at ~/.tap/profile. Log in to each site once; sessions persist.
npx -y @taprun/cli embed claude-code --no-extension
Or add the config manually to any MCP host:
{
"mcpServers": {
"taprun": {
"command": "npx",
"args": ["-y", "@taprun/cli", "mcp", "stdio"],
"env": { "TAP_RUNTIME": "playwright", "TAP_PROFILE": "own" }
}
}
}
TAP_PROFILE=chrome +
TAP_CHROME_PROFILE=<dir>) but Chrome must be closed —
the engine will tell you exactly that if it finds Chrome running.
Point any remote-capable MCP client at:
https://taprun.dev/mcp
100 free calls/day. Read-only, public-page taps only — the demo browser has no logins and accepts no credentials, by design.
What you get in every case: 4 MCP verbs (capture / verify / mark / run) +
your saved taps as resources. AI participates only at compile time —
replays are pure data, zero tokens.