navigator.modelContext

WebMCP // CLASSIFIED

Your browser is now a server. What did it just expose?

CLEARANCE: DENIED

webmcp-interrogator

$probe navigator.modelContext

>API NOT FOUND — modelContext is undefined

$enumerate capabilities

$check secure context

>INSECURE — WebMCP requires secure context

$scan registered tools

>░░░░░░░░ DENIED ░░░░░░░░

$exit — clearance level: DENIED

DETECTION SIGNALS

FINGERPRINT IMPLICATIONS

The mere presence of navigator.modelContext is a fingerprinting signal. It reveals the user has enabled experimental browser flags — narrowing the anonymity set to a tiny fraction of Chrome users. Combined with Chrome version detection, this creates a high-entropy identifier even before any tools are registered.

When tools are registered by other origins, their names and schemas leak application architecture, tech stack, and user workflows to any page that can enumerate them.