F

npm:pagebolt-mcp

https://www.npmjs.com/package/pagebolt-mcp
55/100 · MCP Trust Grade · checked 3h ago · MCP 1.13.0

What it offers — 11 tools · Finance & Crypto

take_screenshot

Capture a screenshot of a URL, HTML, or Markdown content. Supports device emulation, ad/chat/tracker blocking, metadata extraction, geolocation, timez

generate_pdf

Generate a PDF from a URL or HTML content. Supports custom margins, headers/footers, page ranges, and scaling. Saves the PDF to disk and returns the f

create_og_image

Generate an Open Graph / social card image. Returns an image using built-in templates or custom HTML.

run_sequence

Execute a multi-step browser automation sequence. Navigate pages, interact with elements (click, fill, select), and capture multiple screenshots/PDFs/

record_video

Record a professional demo video of a multi-step browser automation sequence. Produces MP4/WebM/GIF with cursor highlighting, click effects, smooth mo

inspect_page

Inspect a web page and get a structured map of all interactive elements, headings, forms, links, and images — each with a unique CSS selector. Use thi

observe_page

Get a compact, token-budgeted

visual_diff

Compare two web pages (or HTML strings) pixel-by-pixel and return a diff image highlighting all visual differences. Supports full-page capture, device

list_devices

List all available device presets for viewport emulation (e.g. iphone_14_pro, macbook_pro_14). Use the returned device names with the viewportDevice p

check_usage

Check your current PageBolt API usage and plan limits.

create_session

Create a persistent browser session (Starter+ plan required). The session keeps a live browser page open so you can reuse cookies, localStorage, and a

Spec / packaging20%100
Security (OWASP MCP)30%15
Maintenance / popularity20%100
Tool hygiene15%70
Transparency / provenance15%90

Findings

FAILMCP01 Prompt-injection / hidden-instruction markup found in package source.
WARNMCP08 References sensitive file paths / environment secrets.
INFO Static analysis of npm package pagebolt-mcp@1.13.0 (stdio server — no remote endpoint). Reliability/behavioral signals require running it; not measured.
Grade another server

We re-grade npm:pagebolt-mcp on a schedule and alert your Slack/webhook the moment its tools change or its grade drops — rug-pull insurance for the connection.

Share this report card

A 1200×630 card with the grade + audit — drop it in a post, Slack, or your repo.

MCP Trust report card — npm:pagebolt-mcp grade F
Share on X Open card image

Embed this grade

A live badge — it re-verifies itself and shows current stability. Static scorecards can't. Paste it in your README or site to show users you're independently audited.

MCP Trust Grade F · wmcp.sh
[![MCP Trust Grade F](https://wmcp.sh/mcp/grade/npm%3Apagebolt-mcp/badge.svg)](https://wmcp.sh/mcp/grade/npm%3Apagebolt-mcp)
<a href="https://wmcp.sh/mcp/grade/npm%3Apagebolt-mcp"><img src="https://wmcp.sh/mcp/grade/npm%3Apagebolt-mcp/badge.svg" alt="MCP Trust Grade F · wmcp.sh"></a>

Agents: check this before connecting

Add the wmcp.sh trust oracle as an MCP server and call grade_mcp_server / check_mcp_drift in your agent's pre-connection gate:

https://wmcp.sh/mcp/trust
How this grade is computed. An open, independent rubric — Spec conformance (20%), Security mapped to the OWASP MCP Top 10 (30%), Reliability (20%), Tool hygiene (15%), Transparency (15%) — run by connecting to the server and inspecting its real MCP surface. The grade is free and identical whether or not the operator pays. v1 uses static + spec signals from a single connection; continuous uptime, real latency, and annotation-truthing (declared readOnly vs observed behavior) layer on via the wmcp.sh proxy.