periscope-mcp
Runs Google Lighthouse audits to evaluate web page performance, accessibility, and SEO, returning structured scores.
periscope-mcp
A website and web-app testing MCP server built for AI agents — not a thin wrapper around browser APIs. Static sites, SPAs, dashboards behind a login: its 66 Playwright-powered tools are shaped around how agents actually work:
Hard results, not screenshot-squinting —
assert_conditionreturnspassed: true/falsewith the actual value; checks return structured issues.One call instead of ten —
auto_fill_formdetects, infers, and fills a whole form;interact_and_testbatches 25 action types with checks;test_projectcrawls and audits an entire site.Real web-app testing — persistent authenticated sessions (form/basic/ cookie auth, plus a visible interactive login for 2FA/SSO/CAPTCHA that then runs headless), multi-step flows, network mocking, state snapshots, and real INP measured from the interactions it drives.
Honest responses — failures say what happened and what to do next (expired session vs. browser crash vs. eviction); silent no-ops like ignored drags come back flagged, not as fake success.
Debugging built in — captured API response bodies, console/network logs, network mocking, and state snapshots/diffs, no setup calls needed.
Audits agents can't get from a browser binding — accessibility, SEO, and GEO/agentic-search readiness (robots.txt AI-crawler access, llms.txt, WebMCP), plus real Lighthouse.
Playwright + headless Chrome underneath; site crawling, responsive testing, and screenshot diffing on top. Works with any MCP client — Claude Code, Codex, Cursor, Windsurf, Gemini CLI, custom agents, or anything else that speaks MCP over stdio.
Why not just playwright-mcp?
playwright-mcp is excellent at what it is: general browser control over MCP, with tools that mirror Playwright's own API. If the job is "browse this site, click around, extract something," use it.
Periscope exists for a different job: testing and auditing a site or web app, then reporting findings — and its tools encode the testing knowledge an agent would otherwise have to reinvent every session:
Raw browser control | Periscope | |
Verifying an outcome | Read a screenshot or DOM dump and judge |
|
Filling a form | One call per field, agent invents test data |
|
Auth | Re-login by scripting clicks each session | Projects persist form/basic/cookie auth; sessions share the logged-in context |
Site-wide audit | Loop pages manually |
|
Diagnosing a broken page | Ask for logs, replay requests | Response bodies, console, and network are captured automatically; mock APIs with |
Silent failures | Drag "succeeds," nothing moved | Flagged in the result, with the recovery path spelled out |
AI-readiness audits | — | robots.txt AI-crawler access, llms.txt, WebMCP annotations, JSON-LD, plus real Lighthouse scores |
The two aren't rivals — an agent can happily use playwright-mcp for browsing tasks and Periscope when it's wearing the QA hat. Periscope's design bets are simply about that hat: fewer, higher-level calls; structured verdicts instead of raw page state; and errors written to tell the agent what to do next.
Related MCP server: Scout
Architecture
MCP client (AI agent) --> MCP Server (stdio) --> Playwright (Headless Chrome)
| |
+-- Projects (JSON) +-- Persistent Sessions
+-- Screenshots (PNG) +-- Network Interception
+-- Reports (JSON) +-- Device Emulation
+-- Videos (WebM)How it works: your MCP client connects to this server over stdio. The server exposes 66 tools the agent can call to create projects, configure authentication, crawl websites, run static checks, and interactively test web applications using persistent browser sessions. Results (JSON + screenshots + videos) are returned to the agent for analysis.
Project Structure
periscope-mcp/
├── server.py # MCP server entry point (stdio wiring + dispatch)
├── tool_schemas.py # All 66 MCP tool definitions (schemas)
├── runtime.py # Shared singletons (project store, sessions, browser)
├── coercion.py # Argument coercion for MCP clients with stale schemas
├── handlers/ # Tool handlers, grouped by category
│ ├── registry.py # @tool(name) decorator + HANDLERS registry
│ ├── projects.py # create/list/get/delete project
│ ├── auth.py # form login, basic auth, cookies, copy_auth
│ ├── static_testing.py # test_url, crawl, test_project, reports, responsive
│ ├── session_tools.py # open/close/list sessions, viewport, history
│ ├── interactive.py # click, fill, steps, element queries, dialogs
│ ├── analysis.py # forms, links, keyboard nav, tables, toasts, contrast
│ ├── advanced.py # network mocking, storage, iframes, emulation, recording
│ ├── agent_speed.py # assertions, smart find, auto-fill, snapshots
│ ├── web.py # web_search, web_fetch
│ └── discovery.py # describe_tools catalog
├── tester.py # Playwright browser control + test orchestration
├── crawler.py # Page discovery (BFS crawl, same-domain only)
├── projects.py # Project CRUD + auth config storage
├── auth.py # Authentication handlers (form, basic, cookies)
├── sessions.py # SessionManager + PageSession — persistent page lifecycle
├── interactions.py # Interaction primitives (click, fill, execute_steps)
├── utils.py # Screenshot comparison (Pillow pixel diff)
├── config.py # Global settings (timeouts, paths, session limits)
├── checks/
│ ├── visual.py # Broken images, favicon, overflow, small text
│ ├── accessibility.py # Alt text, labels, headings, lang, ARIA, keyboard nav
│ ├── functionality.py # Broken links, forms, SEO, performance, link checker
│ └── geo.py # GEO/agentic search: robots.txt AI crawlers, llms.txt, WebMCP, JSON-LD
├── tests/ # Unit tests (no browser) + tests/e2e/ (real browser + fixture pages)
├── data/ # Created at runtime (gitignored — contains credentials)
├── Dockerfile
├── docker-compose.yml
└── .mcp.json.example # MCP registration template (copy to .mcp.json)Prerequisites
Python 3.11+
Playwright + Chromium browser
Installation (Local)
Quick install (Debian/Ubuntu)
One command — clone and install:
git clone https://github.com/segentic-lab/periscope-mcp.git && cd periscope-mcp && ./install.shFully unattended (no confirmation prompts):
git clone https://github.com/segentic-lab/periscope-mcp.git && cd periscope-mcp && ./install.sh -yAlready cloned? Just run ./install.sh from the repo directory.
The script installs apt prerequisites, creates the venv, installs Python
dependencies and Playwright's Chromium, runs a headless self-test, and
generates mcp-config.json with the correct absolute paths for this install
(copy or merge it into your project's .mcp.json). Useful flags:
./install.sh --system-chromium— use an existing Chromium/Chrome (setsCHROMIUM_PATH) instead of downloading Playwright's build./install.sh --skip-deps— never touch apt / use sudo./install.sh -y— non-interactive (no confirmation prompts)
On any other platform the script doesn't modify your system — it prints the
exact commands to run for your OS (./install.sh --manual macos|fedora|arch|suse|windows to pick explicitly).
Updating
./update.shPulls the latest source from GitHub (git pull --ff-only) and refreshes the
install: Python dependencies, Playwright browser (kept on system Chromium if
that's what the install uses), the registry + headless-launch self-test, and a
regenerated mcp-config.json. Works on any platform with an existing install.
Your data/ directory (projects, credentials, screenshots, reports) is never
touched.
./update.sh --force— stash local modifications to tracked files first (recover withgit stash pop)./update.sh --full— also re-check apt prerequisites on Debian/Ubuntu (uses sudo)
If you have local modifications, the script refuses and lists them instead of overwriting.
Manual install
# Clone the repo
cd periscope-mcp
# Create virtual environment
python3 -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Install Chromium for Playwright
playwright install chromiumInstallation (Docker)
docker compose up -dSee Docker Deployment section below.
Connecting an MCP Client
Periscope is a standard stdio MCP server: point any MCP client at
venv/bin/python server.py and you're done. ./install.sh generates
mcp-config.json with the correct absolute paths for your machine; most
clients accept that shape directly:
{
"mcpServers": {
"periscope": {
"command": "/path/to/periscope-mcp/venv/bin/python",
"args": ["/path/to/periscope-mcp/server.py"]
}
}
}Client-specific examples:
Claude Code — copy the config into the project as
.mcp.json(cp .mcp.json.example .mcp.jsonand adjust paths), or runclaude mcp add periscope -- /path/to/venv/bin/python /path/to/server.pyCursor / Windsurf — add the block above to
~/.cursor/mcp.json/~/.codeium/windsurf/mcp_config.jsonCodex CLI — add to
~/.codex/config.toml:[mcp_servers.periscope]withcommandandargsas aboveCustom agents — any MCP SDK client can spawn the server over stdio with the same command and args
After configuring, restart your client.
Teaching your agent to use the tools
AGENTS.md contains a ready-made system-prompt block — workflows,
tool-selection guidance, and known pitfalls. Paste its contents into your
agent's system prompt (or custom instructions) so it drives the 66 tools
effectively instead of discovering the conventions by trial and error.
MCP Tools Reference (66 tools)
Project Management (4 tools)
Tool | Description | Required Params |
| Create a new testing project |
|
| List all projects | (none) |
| Get project details |
|
| Delete project + data |
|
Authentication (7 tools)
Tool | Description | Required Params |
| Configure username/password form login |
|
| Configure HTTP Basic Auth |
|
| Inject session cookies |
|
| Execute login using configured auth |
|
| Open a visible window to log in by hand (2FA/SSO/CAPTCHA), then |
|
| Capture the manual-login session; the project then runs authenticated + headless |
|
| Copy auth config + session state between projects |
|
For logins that can't be automated — 2FA/MFA, SSO/OAuth redirects, CAPTCHA, magic
links — use interactive_login (opens a real browser window; requires a display
on the server), complete the login yourself, then save_login. It captures the
authenticated session (cookies + localStorage) into the project, and every
future headless session reuses it. Re-run when the session expires (Periscope
flags that automatically — see the auth-expiry detection in test_project).
Static Testing (3 tools)
Tool | Description | Required Params |
| Test a single URL (screenshot + checks) |
|
| Discover all pages from base URL |
|
| Full audit: crawl + test all pages |
|
Results (3 tools)
Tool | Description | Required Params |
| Get screenshot file path |
|
| List saved test reports | (optional: |
| Read a report file |
|
Session Management (4 tools)
Sessions keep browser pages alive across tool calls, enabling multi-step interactive workflows.
Tool | Description | Required Params |
| Open persistent browser session ( |
|
| Close session and free resources |
|
| List all active sessions | (none) |
| Switch viewport size (8 device presets or custom w/h) |
|
set_viewport presets: mobile_sm (320x568), mobile (375x812), mobile_lg (428x926), tablet (768x1024), tablet_lg (1024x1366), laptop (1366x768), desktop (1920x1080), desktop_lg (2560x1440)
Interactive Actions (6 tools)
Tool | Description | Required Params |
| Click element ( |
|
| Fill form fields, optionally submit |
|
| Native |
|
| Multi-step workflow with 25 actions (see below) |
|
| List matching elements with attributes |
|
| Scroll element into viewport without clicking |
|
interact_and_test supports 25 step actions:
click, force_click, fill, force_fill, type, select, select_option, wait, wait_for, wait_for_text, screenshot, navigate, hover, press_key, check, uncheck, scroll_to, scroll_within, evaluate_js, drag, right_click, go_back, go_forward, upload_file, wait_for_network
Analysis (9 tools)
Tool | Description | Required Params |
| Analyze form validation messages | (url or session_id) |
| Pixel diff between two screenshots |
|
| Test at mobile/tablet/desktop viewports |
|
| Comprehensive link checker (internal + external) | (url or session_id) |
| Measure click-to-result timing |
|
| Parse HTML table into structured JSON (headers → cell values) |
|
| Capture visible toast/notification messages |
|
| Real Google Lighthouse audit: 0-100 scores, Core Web Vitals, failed audits (needs Node.js) |
|
| Export real INP time series (per interaction) as JSON/CSV + percentile stats |
|
Workflow Speed (8 tools)
Tool | Description | Required Params |
| Quick screenshot of current page state |
|
| Run checks on active session (no new page) |
|
| Browser history: back, forward, or reload |
|
| Accept/dismiss JS alert/confirm/prompt (call BEFORE trigger) |
|
| Set file(s) on |
|
| Wait for specific API URL pattern to complete |
|
| Wait for element to disappear (modal close, spinner gone) |
|
| Raw outerHTML of elements, or full page HTML |
|
Advanced Testing (8 tools)
Tool | Description | Required Params |
| Mock API responses (test error/empty/loading states) |
|
| Remove network mocks (all, or by pattern) |
|
| Read localStorage or sessionStorage |
|
| Write to localStorage or sessionStorage |
|
| Switch into iframe content (returns new session) |
|
| Get actual rendered CSS values |
|
| Throttle network: |
|
| Toggle |
|
Recording & Console (3 tools)
Tool | Description | Required Params |
| Record workflow as video |
|
| Tab-order and focus indicator audit | (url or session_id) |
| Get all console errors/logs (passive monitoring) |
|
AI Agent Speed Tools (8 tools)
Tool | Description | Required Params |
| Programmatic pass/fail: text_contains, element_exists, url_contains, etc. |
|
| Smart finder by text, tag, role, or proximity to another element |
|
| Auto-detect fields, infer types, fill with test data. One call = many fills. |
|
| All captured network requests (URL, status, method, type) |
|
| Actual API response body text (diagnose 400/500 errors) |
|
| Named checkpoints: snapshot / restore / diff page state |
|
| Read all cookies from session |
|
| WCAG AA/AAA contrast ratio checks on text elements |
|
Web & Discovery (3 tools)
Tool | Description | Required Params |
| Search DuckDuckGo: titles + URLs + snippets |
|
| Fetch URL, extract readable text (or raw HTML); TLS verified by default |
|
| Structured catalog of all tools with workflows and tips | (none) |
Test Checks
Visual (checks/visual.py)
Broken images (incomplete load or 0 natural width)
Missing favicon
Horizontal overflow / layout issues
Very small text (< 12px)
Missing body background color
Images without explicit width/height dimensions
Accessibility (checks/accessibility.py)
Images missing
alttext (decorative images exempt:alt="",role="presentation"/"none",aria-hidden)Links and buttons without accessible names (checks text,
aria-label, resolvablearia-labelledby,title,img[alt], svg<title>;aria-hiddenelements exempt)Form inputs without associated labels (
label[for], wrapping label,aria-label/aria-labelledby,title)Heading hierarchy (missing H1, multiple H1, skipped levels)
Missing
langattribute on<html>Duplicate
idvalues (breaklabel[for]and aria references)ARIA validity: unknown
rolevalues,aria-labelledby/describedby/controls/owns/activedescendantreferences to non-existent idsMissing skip navigation link (scans the first 5 links)
Elements with
tabindex > 0Keyboard navigation audit (tab order, visible focus indicators, element-identity cycle detection) — via
test_keyboard_navigationtool
Functionality (checks/functionality.py)
Broken internal links (HTTP HEAD check, up to 20 links in
check_functionality)Comprehensive link checker with external link support (up to 100 links) — via
check_linkstoolForms without action or submit button
Orphan buttons outside forms
External links missing
target="_blank"Required form field count
Autocomplete disabled inputs
SEO (checks/functionality.py -> check_seo)
Page title: missing, too long (> 60 chars), or very short (< 15 chars)
Meta description: missing, too long (> 160 chars), or very short (< 50 chars)
Missing viewport meta tag
Missing canonical URL
H1 heading: missing or more than one
Open Graph: missing entirely, incomplete core tags (
og:title/description/image/url), non-absoluteog:image, missingtwitter:cardJSON-LD structured data: missing or unparseable blocks
noindexvia robots meta orX-Robots-Tagresponse headerrobots.txt blocking search engine crawlers (Googlebot, Bingbot, DuckDuckBot, ...) — error if all are blocked
Site-wide (via
test_project): duplicate titles / meta descriptions across pages, reported undersite_issues
GEO / Agentic Search (checks/geo.py -> check_geo)
Generative Engine Optimization — is the site readable and usable by AI crawlers, answer engines, and in-browser agents:
robots.txt blocking AI crawlers (GPTBot, ClaudeBot, PerplexityBot, Google-Extended, CCBot, and 11 more)
llms.txtpresence and format compliance (Markdown with at least one H1)WebMCP integration: declarative
<form toolname>annotations present and complete (tooldescription), form coverage ratio, and — when the browser exposesdocument.modelContext— registered tool enumeration with schema/name/description validationJSON-LD structured data presence (what answer engines cite from)
robots.txt and llms.txt are fetched once per origin and cached for the server's lifetime.
Performance (checks/functionality.py -> get_performance_metrics)
DOM content loaded time (ms)
Full page load time (ms)
First paint / first contentful paint (ms)
Core Web Vitals (lab values via buffered PerformanceObserver): Largest Contentful Paint (ms), Cumulative Layout Shift, Total Blocking Time approximation from long tasks (+ long-task count)
Interaction to Next Paint (INP) —
interaction_to_next_paint_ms: the real INP, measured from Event Timing entries for the interactions Periscope drives (null until you've interacted). This is a genuine field-style measurement, not the TBT lab proxy — Lighthouse can't produce INP in lab mode at all.Resource count
Total transfer size (bytes / KB)
For scored, Lighthouse-official metrics use the run_lighthouse tool — it runs the real Lighthouse CLI (requires Node.js) and returns 0-100 category scores, official Core Web Vitals, and failed audits, saving the full JSON report to data/reports/.
INP time series (get_interaction_log)
Because Periscope drives real interactions, it can log each one's INP over an
extended interactive test. get_interaction_log(session_id, format="json"|"csv")
writes a file to data/reports/ — one row per interaction (t_ms, epoch_ms,
inp_ms, type, target, url) plus percentile stats (p50/p75/p90/p98/worst)
— for graphing INP over time. clear=true resets the recording. Records are
capped per session (MAX_INTERACTION_LOG, oldest dropped).
Test Output Format
Each test_url call returns:
{
"url": "https://example.com",
"status": "success",
"status_code": 200,
"title": "Page Title",
"screenshot_path": "/path/to/screenshot.png",
"load_time_ms": 1500,
"issues": [
{
"type": "accessibility",
"severity": "error",
"message": "3 images missing alt text",
"details": ["img1.png", "img2.png", "img3.png"]
}
],
"issue_count": 5,
"issues_by_severity": {"error": 1, "warning": 2, "info": 2},
"issues_by_type": {"accessibility": 2, "seo": 2, "visual": 1},
"performance": {
"dom_content_loaded_ms": 120,
"load_complete_ms": 1500,
"first_paint_ms": 140,
"first_contentful_paint_ms": 140,
"resource_count": 25,
"total_size_bytes": 512000,
"total_size_kb": 500
},
"console_errors": []
}test_project returns an aggregated report with per-page results + summary.
Usage Examples
Basic test (no auth)
User: "Test https://example.com for issues"
The agent calls:
1. create_project(name="example", base_url="https://example.com")
2. test_project(project="example")
3. Analyzes results and reports findingsTest with login
User: "Test https://myapp.com, login is admin/password123"
The agent calls:
1. create_project(name="myapp", base_url="https://myapp.com")
2. set_form_login(project="myapp", login_url="https://myapp.com/login",
username="admin", password="password123")
3. login_project(project="myapp")
4. test_project(project="myapp")Test with Basic Auth
User: "Test https://staging.example.com, it uses basic auth admin/secret"
The agent calls:
1. create_project(name="staging", base_url="https://staging.example.com")
2. set_basic_auth(project="staging", username="admin", password="secret")
3. login_project(project="staging")
4. test_project(project="staging")Test with cookies
User: "Test myapp using this session cookie: session=abc123"
The agent calls:
1. set_cookies(project="myapp", cookies=[
{"name": "session", "value": "abc123", "domain": "myapp.com"}
])
2. test_project(project="myapp")Interactive testing (session-based)
User: "Go to myapp.com, click the login button, fill in the form, and check what happens"
The agent calls:
1. open_session(url="https://myapp.com") → session_id
2. get_page_elements(session_id=..., selector="button, a") → see clickable elements
3. click_element(session_id=..., selector="#login-btn") → screenshot after click
4. fill_form(session_id=..., fields=[
{"selector": "#email", "value": "user@test.com"},
{"selector": "#password", "value": "test123"}
], submit_selector="button[type='submit']")
5. Analyzes screenshot to see result
6. close_session(session_id=...)Scripted multi-step workflow (no session needed)
User: "Test the checkout flow on myshop.com"
The agent calls:
1. interact_and_test(
url="https://myshop.com/products/1",
steps=[
{"action": "click", "selector": "#add-to-cart"},
{"action": "wait", "timeout": 1000},
{"action": "click", "selector": "#checkout-btn"},
{"action": "fill", "selector": "#email", "value": "test@test.com"},
{"action": "screenshot", "label": "checkout_form"},
{"action": "click", "selector": "#submit-order"}
],
run_checks=["visual", "accessibility"]
)Responsive testing
User: "Check how example.com looks on mobile, tablet, and desktop"
The agent calls:
1. test_responsive(url="https://example.com", run_checks=["visual"])
→ Returns screenshots at 375x812, 768x1024, and 1920x1080Switch viewport during a session
User: "Show me how this page looks on mobile"
The agent calls:
1. set_viewport(session_id=..., device="mobile")
→ Returns screenshot at 375x812Test error handling by mocking an API
User: "What happens when the API returns a 500 error?"
The agent calls:
1. intercept_network(session_id=..., url_pattern="/api/tasks", status=500,
body='{"error": "Internal server error"}')
2. navigate_session(session_id=..., action="reload")
3. screenshot_session(session_id=...)
→ Shows how the app handles the error stateTest dark mode
User: "Does this site support dark mode?"
The agent calls:
1. open_session(url="https://example.com") → session_id
2. test_dark_mode(session_id=..., mode="dark")
→ Screenshot shows the page with prefers-color-scheme: darkWait for dynamic content
User: "Submit this form and wait for the success message"
The agent calls:
1. fill_form(session_id=..., fields=[...], submit_selector="#submit")
2. wait_for_network(session_id=..., url_pattern="/api/submit")
3. screenshot_session(session_id=...)Test on slow network
User: "How does this page load on a slow connection?"
The agent calls:
1. emulate_network(session_id=..., preset="slow_3g")
2. navigate_session(session_id=..., action="reload")
3. screenshot_session(session_id=...)
4. emulate_network(session_id=..., preset="reset")Configuration
Edit config.py to change defaults (env-overridable settings note the variable):
Setting | Default | Description |
|
| Run Chrome in headless mode (env: |
|
| Seconds to wait after a non-headless browser opens (env: |
|
| Page load timeout (ms) |
|
| Browser viewport width |
|
| Browser viewport height |
| unset | Path to a system Chromium binary (env: |
|
| Navigation wait strategy; never-idle pages (Turnstile, websockets) auto-downgrade to |
|
| Default max pages to crawl |
|
| Default max crawl depth |
|
| Max concurrent interactive sessions (env: |
|
| Auto-expire idle sessions after N seconds (env: |
|
| Max bytes captured per response body |
|
| Max captured response bodies kept per session |
|
| Max console entries kept per session |
|
| Max network log entries kept per session |
Data Storage
All data is stored in the data/ directory:
data/projects.json- Project configs (name, URL, auth, settings). Auth credentials are stored in plaintext - do not commit this file.data/screenshots/{project}/- PNG screenshots per project. Filenames are{domain}_{path}_{hash}.pngfor static tests,interactive_{timestamp}_{label}.pngfor session screenshots.data/reports/{project}_{timestamp}.json- Full test reports with all findings.data/videos/{project}/- Recorded session videos (WebM format from Playwright).data/diffs/- Screenshot comparison diff images.
Docker Deployment
Build and run
docker compose up -dConnect an MCP client to the Docker container
Point your client's MCP config at the container instead of the venv:
{
"mcpServers": {
"periscope": {
"command": "docker",
"args": ["exec", "-i", "periscope", "python", "/app/server.py"]
}
}
}Persist data
The docker-compose.yml mounts ./data as a volume so screenshots, reports, and project configs survive container restarts.
Key Design Decisions
Per-project browser contexts - Each project gets its own Playwright BrowserContext. This keeps sessions (cookies, auth) isolated between projects.
Lazy browser init - The Playwright browser is only launched on the first tool call, not at server startup. If the browser crashes or fails to launch, it re-creates on the next call.
BFS crawling - The crawler uses breadth-first search with depth tracking. It stays on the same domain and skips non-page resources (images, PDFs, etc.).
Check modularity - Each check category is a separate module in
checks/. Add new checks by creating a function that takes a PlaywrightPageand returnslist[dict].JSON storage - Projects are stored in a single
projects.jsonfile. No database needed for the expected scale (dozens of projects, not thousands).Persistent sessions - Interactive testing uses a
SessionManagerthat keeps Playwright pages alive in a dict keyed by session ID. Sessions auto-expire after idle timeout and are capped at a configurable maximum to prevent resource leaks.Ephemeral vs session mode - Tools like
get_page_elements,interact_and_test, andcheck_linksaccept either asession_id(reuses an existing page) or aurl(creates a temporary page that's closed after use). This makes them flexible for both interactive and one-shot use.
Adding New Checks
Create a function in the appropriate
checks/*.pyfile:
async def check_something(page: Page) -> list[dict]:
# Run your check
result = await page.evaluate("() => { ... }")
issues = []
if result:
issues.append({
"type": "your_category", # visual, accessibility, seo, etc.
"severity": "error", # error, warning, info
"message": "Description",
"details": [] # optional
})
return issuesImport and call it in
tester.pyinsidetest_url().
Known Limitations
No JavaScript SPA routing support (relies on
<a href>for crawling)Default
check_functionalitylink checking limited to 20 internal links (usecheck_linkstool for up to 100 with external support)Form login detection uses CSS selectors, may need customization for non-standard forms
No parallel page testing (pages are tested sequentially)
Interactive sessions auto-expire after 300s idle (configurable via
SESSION_TIMEOUT)Max 20 concurrent sessions (configurable via
MAX_SESSIONS)The default
dragstep (Playwrightdrag_to) is silently ignored by pointer-tracking DnD libraries (@hello-pangea/dndand similar) — the step succeeds but nothing moves. Retry withmethod: "mouse"on the drag step (stepped manual drag that crosses the library's drag-start threshold), or drive the library's keyboard mode (focus the drag handle, Space to lift, arrows to move, Space to drop). Verify drags withdiff_page_stateorassert_condition.Date/time inputs are filled with React-compatible synthetic events automatically (
fill,force_fill,auto_fill_form)
Troubleshooting
Problem | Solution |
| Run |
| Browser failed to launch. Check Chromium is installed. Server will auto-retry on next call. |
Login not working | Try providing explicit CSS selectors via |
Timeout on page load | Increase |
Docker can't reach website | Ensure the container has network access. Use |
Development
pip install -r requirements-dev.txt
pytest --ignore=tests/e2e # unit tests, no browser required
pytest tests/e2e # behavioral tests: real headless Chromium against
# fixture pages in tests/e2e/fixtures/ (~30s)The e2e suite covers session lifecycle, network waits/intercepts, console
capture, dialogs, drag-and-drop (including the pointer-tracking DnD silent
no-op), the check modules against known-good/known-bad pages, Core Web Vitals,
and the agent-speed tools. CI runs both suites; e2e installs Playwright's
Chromium (python -m playwright install --with-deps chromium). Tests are
isolated from your real data/ via PERISCOPE_DATA_DIR.
Adding a new tool: define its schema in tool_schemas.py, then add a handler in the
matching handlers/<category>.py decorated with @tool("your_tool_name"). The
registry test (tests/test_registry.py) fails if schemas and handlers drift apart.
Contributors
Built by Segentic Lab — open-source tools & experiments.
Sebastijan Bandur (@segentic-lab) — author & maintainer
Claude (Anthropic) — co-contributor: developed alongside via Claude Code; every commit is co-authored, and the tool designs were battle-tested by an AI agent driving the server against real sites
License
GNU AGPL-3.0 — see LICENSE.
Run it, modify it, use it anywhere — including commercially. If you distribute a modified version or offer one as a network service, you must make your modifications available under the same license.
Maintenance
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/segentic-lab/periscope-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server