Afina MCP Server: AI Agent for Antidetect Browser

Tell Claude: "Create 50 profiles with US proxies and start warm-up in two shifts of 25 accounts each, 15 minutes apart". Get the result in 30 seconds of dialogue instead of two hours of clicks in the UI. This is not a marketing promise — it is the new reality of working with an AI antidetect browser after the release of Afina's official MCP server, the first one in the entire antidetect industry.

In this article we break down what an MCP server for antidetect browsers is, which 67 tools it gives to any AI agent (Claude Desktop, Claude Code, Cursor, ChatGPT, Cline), how this changes multi-accounting and why AI antidetect is the next step in the evolution of automation tools for affiliate marketing, airdrop farming and account management at scale.

What MCP Is and Why It Changes the Rules

MCP (Model Context Protocol) is an open protocol that has become the industry standard for connecting LLMs to external services. If an application has an MCP server, it automatically works with any MCP-compatible AI client: Claude Desktop, Claude Code, Cursor, Cline, Continue, Windsurf and wrappers around ChatGPT.

This means exactly one thing: connect afina-mcp to Claude once — Claude can do everything Afina can. Switch to Cursor — Cursor can do the same without retraining. Zero vendor lock-in and universality across any AI that ships tomorrow.

Previously, every "AI + service" integration had to be written from scratch: API client, retry logic, error parser, glue code. With MCP, that is zero lines of code and five minutes of config. That is why MCP is the future of browser automation, and that is why Afina shipped the first MCP server in the antidetect industry.

AI Antidetect Browser: Why You Need It Right Now

If you work with an antidetect browser, the routine is painfully familiar:

• Create 50 profiles for a new campaign — an hour of clicks in the UI.
• Write an RPA script for a new site — a day if done properly.
• Investigate why a task failed across 200 accounts — an hour in the logs.
• Figure out which proxies died among 500 of them — a separate kind of pain.
• Launch a campaign with a non-trivial schedule (every 6 hours between 10:00 and 18:00, max 5 in parallel) — ten minutes of clicks in the tasks table.

All of this is routine that can be described in words. And if a task can be described in words, it can be handed off to an AI. Before MCP this required code: a Python wrapper, REST client, error handling. With MCP, you just tell the model what you want, and it issues 30+ MCP calls, parallelizes runs, catches errors and reports back. Zero code on your side.

The pairing of Claude + antidetect (or ChatGPT + antidetect — no difference, the MCP protocol is unified) turns the antidetect browser from a "click tool" into a fully AI-driven platform. Those searching for antidetect ai or ai antidetect browser are actually looking for this — and until the afina-mcp release no off-the-shelf solution existed.

This matters now more than ever, because multi-accounting in 2026 requires more sophisticated and coordinated scenarios — platform anti-fraud teams have learned to catch templated behavior, and the only way out is individualized, granular logic per profile. Manual labor cannot do that at scale. An AI agent over MCP is the only way to ship quality automation without growing the dev team.

67 Tools of afina-mcp by Category

Every tool is a thin wrapper over Afina's local HTTP API. No business logic lives in the MCP server itself: all heavy lifting (fingerprint generation, module signing, script executor, encryption) stays inside the Afina desktop app.

Accounts — Full CRUD (8 tools)

list_accounts, get_account, create_account, update_account, delete_account, hard_delete_account, start_browser, stop_browser.

The AI creates browser profiles with unique fingerprints (user agent, WebGL renderer, CPU/memory, fonts, time zone) generated by the same backend the UI uses. All parameters in a single call: proxy, tags, groups, screen, languages, fingerprint noise, startup URLs, blocked ports, extraArgs, settings. Soft-delete (restorable from trash) and hard-delete with full data cleanup and graceful shutdown of running browsers are both supported.

What you say to Claude: "Prepare 100 profiles for the campaign, 20 in each of 5 geolocations, tag them phase-1, attach proxies from the residential-us pool." Within a minute, 100 profiles with unique fingerprints and validated proxies.

Browser Control (6 tools)

eval_in_browser, find_clickable, find_input, get_current_url, get_page_text, take_screenshot.

• eval_in_browser — runs JavaScript in the current tab context via CDP. Auto-awaits promises, returns by value. Can be fully disabled via env flag if you do not want to grant the LLM direct JS access to pages.
• find_clickable / find_input — find elements by text, label or placeholder, returning CSS selector, XPath and visibility. The AI stops guessing selectors and gets them deterministically.
• take_screenshot — base64 PNG for vision models. Claude looks at the screenshot and writes the next step.

RPA Scripts — Generated by AI on the Fly (7 tools)

list_scripts, get_script, create_script, update_script, run_script, get_run_logs, stop_running_script.

The AI reads the built-in resource afina://docs/rpa-blocks (catalog of all RPA blocks with parameters and JSON examples) and produces a valid script JSON. The MCP layer ships with a validator: it checks connections, fills in forgotten targetPosition, sets default label. The script is saved into Afina exactly as if you built it in the visual editor — same executor, same capabilities.

The concept is laid out in detail in the Afina automation logic guide, but now you no longer need to write scripts by hand — the model writes them for you.

RPA Modules — AI as a Developer (7 tools)

list_modules, get_module, create_module, update_module, resign_module, delete_module, hard_delete_module.

When visual RPA blocks are not enough, you write a custom JavaScript module. The AI handles this end to end: creates the module (scaffold index.js, utils_<id>.js, package.json, settings.json + automatic npm install), edits files, recomputes the Ed25519 signature via resign_module. Without that signature the executor blocks the run — this is a protection against code tampering.

You get a full-blown AI developer of RPA modules: writes code, tests it, fixes bugs, re-signs. Perfect workflow for teams building no-code automation without keeping programmers on staff.

Tasks and Task Groups — Any Schedule by Voice (18 tools)

list_task_groups, get_task_group, create_task_group, update_task_group, start_task_group, restart_task_group, stop_task_group, delete_task_group, hard_delete_task_group, add_tasks_to_group, update_task, delete_tasks, stop_tasks, list_tasks, get_active_tasks, get_task_logs, run_script_on_accounts.

Everything the UI supports is supported here: time-of-day windows (e.g. only 09:00–18:00), repeats, timeouts, parallelism limits, waiting for other tasks, deferred start with natural language ("in 5m", "+1h", "tomorrow 09:00", "2026-05-11 14:30", ISO, epoch).

The flagship tool is run_script_on_accounts. A single call does four things: creates a task group (or reuses an existing one for full idempotency on retry), adds tasks for every accountId, activates the group with the given schedule, and survives network errors via the existingGroupId parameter without duplicates. Progress can be tracked via the active tasks table.

Proxies (3 tools)

check_proxies, check_all_proxies, add_proxy. Real network validation including UDP tests for SOCKS5 — critical given that Afina supports HTTP/3 over SOCKS5 with QUIC. Bulk audit of every proxy in the table; adding new proxies with warm-up validation (if it does not work, it is not saved).

Related reading: proxy types and how to pick one.

Databases, Variables, Keys (15 tools)

• databases.* — SQLite connections for the RPA database block. Full CRUD.
• global_vars.* — global variables ${name} available in every script.
• keys.* — catalog of API keys and tokens (ChatGPT, OpenAI, Telegram) from the API settings.
• account_vars.* — per-account variables in two stores:

Encrypted values are decrypted by the executor right before script execution. The AI can write and read by key, but never sees the decrypted value. This is the ideal store for 2FA secrets, passwords and crypto wallet private keys.

Email / IMAP (2 tools)

list_emails, toggle_email. Manage IMAP credentials monitoring — enable or disable specific mailboxes.

Four Scenarios That Change Your Workflow

Scenario 1. Launching a Campaign from a Text Brief

Before: 50 profiles created by hand (one hour), task groups configured (10 minutes), proxies attached (10 minutes), warm-up launched (5 minutes). Total — two hours.

Now: one sentence in the Claude chat. The model unrolls 30+ MCP calls itself, creates a task group with the required schedule, sets executeAtPerAccount so profiles do not start simultaneously, activates the group and reports back.

Scenario 2. Debugging Failed Tasks

Script failing on 40% of accounts? Ask Claude to investigate. The model calls list_tasks filtered by status=error, reads logs of 10 different failures, finds a common pattern, updates the script via update_script and proposes restart_task_group on the failed entries. An hour of log diving becomes three minutes of chat.

Scenario 3. Writing an RPA Module from Scratch

Need a custom module (for example, posting a webhook to a chat when a profile hits N likes)? Claude calls create_module, gets the absolute path to the folder, writes index.js with the desired logic, updates settings.json for the block's UI fields, re-signs via resign_module. In 30 seconds the module is ready and available in any script via executeModule.

Scenario 4. Vision-Driven Automation

You drop a screenshot of an unfamiliar page into Claude — "where do I click to reach security settings?" The model analyzes the image, finds Settings → Security, launches a browser on a test profile, takes its own screenshot to verify, calls find_clickable for a deterministic selector, performs the click and confirms the result with a second screenshot. Then it asks whether to persist this as a step in an RPA script.

More on these patterns in the browser action automation guide.

Security and Privacy

Why pro teams trust afina-mcp:

Fully local. The MCP server is a Node process on your machine, a bridge to Afina's local HTTP API on 127.0.0.1. No cloud. Your data does not leave the machine, except to reach Afina itself.

API key. Without a valid AFINA_API_KEY the server returns 401. The key is visible only to you in app settings.

Encrypted variables. Sealed-box encryption (libsodium) is handled inside Afina. The AI can write and read by key but never sees decrypted values. Decryption happens in the executor right before the script runs. This is the ideal store for 2FA, passwords, private keys and any other sensitive data.

Module signing. Any custom JavaScript module is signed with Ed25519 over an md5 manifest of the folder. Tampering with files without calling resign_module makes the module unusable — the executor blocks it. This guarantees that all code went through your review and was not modified behind your back.

Kill switch for eval_in_browser. Setting AFINA_MCP_EVAL_ENABLED=0 fully disables arbitrary JS execution on pages. If you want to restrict the AI to declarative RPA blocks only — one line in the config, done.

Profile isolation. A baseline Afina feature unrelated to MCP: every profile gets fully isolated cookies, local storage, IndexedDB and cache. Plugging an AI in does not change the security model — the AI works inside the same isolated environment you do.

Installation in 60 Seconds

Step 1. Grab the API key

Open Afina, go to Settings → API key and copy the value.

Step 2. Wire MCP into your client

Claude Desktop (macOS: ~/Library/Application Support/Claude/claude_desktop_config.json):

{
  "mcpServers": {
    "afina": {
      "command": "npx",
      "args": ["-y", "afina-mcp"],
      "env": {
        "AFINA_URL": "http://127.0.0.1:50778",
        "AFINA_API_KEY": "<your key>"
      }
    }
  }
}

Claude Code (CLI):

claude mcp add afina \
  -e AFINA_API_KEY=<key> \
  -e AFINA_URL=http://127.0.0.1:50778 \
  -- npx -y afina-mcp

Cursor (.cursor/mcp.json):

{
  "mcpServers": {
    "afina": {
      "command": "npx",
      "args": ["-y", "afina-mcp"],
      "env": { "AFINA_API_KEY": "<key>" }
    }
  }
}

Cline, Continue and others — any MCP client with stdio transport: command: npx, args: ["-y", "afina-mcp"], env AFINA_API_KEY.

Step 3. Restart the client

A tools icon for Afina will appear in the interface. You can start talking.

Architecture: a Bridge Without Business Logic

The MCP server itself does nothing — it is a thin bridge. All logic (unique fingerprint generation with user agent, WebGL renderer, CPU/memory, fonts and time zone, module signing, script executor, encryption, CDP-driven browser control) lives in the Afina desktop app. Practical implications:

• No extra load on the AI vendor — your scripts are executed by your local Afina.
• No vendor lock-in — switch from Claude to Cursor and everything keeps working.
• Auditable — there is an HTTP request log on the Afina side.
• Works offline for everything that does not require external services.

With MCP vs Without: Side by Side

This is not a 2x speed-up. It is an order-of-magnitude improvement, especially for teams operating hundreds of browser profiles. And the gap will only grow as models become more accurate and the RPA block catalog the AI sees keeps expanding.

Who Needs This Right Now

Affiliates and traffic arbitrage. Scaling campaigns to hundreds of accounts without a developer on the team. Traffic arbitrage in 2026 is no longer viable without automation, and MCP makes that automation accessible without coding skills.

Airdrop hunters. Farming accounts for airdrop and bounty campaigns with activity spread over time to bypass Sybil detection. An AI agent distributes the schedule itself, checks proxies, re-signs modules and generates unique behavior patterns.

SMM and marketers. Automating repetitive actions through a text interface — without learning JS or CSS selectors. From LinkedIn to Reddit campaigns — the model will figure out what is needed.

Developers. Speeding up RPA flow delivery: the AI writes the first version of a module, the human polishes the critical paths. Great for QA testing, DevOps work and edge-case generation.

Teams and digital agencies. Managing dozens of client accounts get a single shared bus across all tools via one AI chat. Afina's team access without re-login and without password sharing stays intact — MCP does not change the access model, it inherits it.

Marketplace sellers. Working with global platforms often requires multi-accounting — MCP lets you launch warm-up, competitor monitoring and ranking data collection by voice.

OSINT researchers and analysts. 24/7 collection of open data without manual labor and without putting the main profile at risk.

If you want to compare Afina with other solutions, see Afina vs Octo Browser vs Dolphin Anty. The MCP server is currently available only inside Afina.

Bottom Line

Most AI tools today are helpers that advise. They answer questions and generate code in chat, but they do not execute anything. To act on the advice you still have to enter the UI, copy, paste and click.

Afina's MCP server breaks that paradigm. The AI becomes an executor. You do not get "here is the code, try it", you get "done, please verify". This changes the ROI of every hour spent with an antidetect browser by several multiples.

And this is the first MCP server in the antidetect industry. Competitors do not offer anything similar yet — while MCP is already standard at Anthropic, OpenAI and dozens of AI clients. Those who adopt MCP now get a window of several months before the industry catches up.

Install Afina Browser for free, grab the API key in settings and wire afina-mcp into your AI client using the instructions above. Your first Claude request over MCP will take you a minute. Take that step today — while competitors are still clicking.