[BUG] MCP design-linter has systematic blind spot due to bot detection
Summary
The MCP design-linter tool returns 0 issues on sites that detect headless browsers (e.g., Reddit), while the Chrome extension correctly finds 500+ issues on the same sites. This creates a systematic blind spot in accuracy testing.
Evidence
| Metric | MCP/CLI (Puppeteer) | Chrome Extension |
|--------|---------------------|------------------|
| old.reddit.com issues | 0 | 500 (123 errors, 377 warnings) |
| Execution time | 6-7ms | Normal |
| Browser type | Headless Puppeteer | Real Chrome |
The 6-7ms execution time is a red flag - it indicates the linter found no elements to analyze because Reddit served different content to the headless browser.
Root Cause
The MCP design-linter uses Puppeteer with minimal stealth configuration:
// browser.js
const chromeArgs = [
`--disable-extensions-except=${extensionPath}`,
`--load-extension=${extensionPath}`,
'--disable-dev-shm-usage',
'--disable-gpu',
];
await puppeteer.launch({
headless: true, // Easily detectable
// No user-agent spoofing
// No stealth plugins
});
Reddit (and likely other sites) detect the headless browser and serve:
- A minimal/empty page
- A redirect to login/captcha
- An interstitial blocking page
Impact
- Accuracy testing is unreliable for sites with bot detection
- False negatives in the "baseline-messy" category (Old Reddit shows 0 issues when it should show hundreds)
- Ground truth mismatch between MCP tool and Chrome extension
Recommended Fixes
Option 1: Add puppeteer-extra with stealth plugin (Recommended)
import puppeteer from 'puppeteer-extra';
import StealthPlugin from 'puppeteer-extra-plugin-stealth';
puppeteer.use(StealthPlugin());
Option 2: Use new headless mode
await puppeteer.launch({
headless: 'new', // Chrome's new headless mode is harder to detect
});
Option 3: Add user-agent spoofing
await page.setUserAgent('Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36...');
Option 4: Hybrid approach
- Detect when headless analysis returns suspiciously fast (< 100ms)
- Flag sites as "potentially blocked"
- Fall back to extension-based analysis for these sites
Affected Sites in Corpus
From accuracy testing run on 2026-01-24:
old.reddit.com- 0 issues (expected: high)- Possibly others that returned suspiciously low counts
Acceptance Criteria
- [ ] MCP design-linter bypasses common bot detection
- [ ] Old Reddit returns similar issue count to Chrome extension
- [ ] Accuracy testing includes "bot detection bypass" verification
- [ ] Sites that block headless browsers are flagged in reports
Labels
bug, accuracy, mcp, puppeteer
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗