Back to MCP Servers

GitHub MCP Server

Official GitHub MCP server for managing repos, issues, pull requests, GitHub Actions, code scanning alerts, and team collaboration through AI agents.

Developer Tools by GitHub OAuth2, Bearer Token (PAT) active
Connect (Remote Server) GitHub Docs
Overview

The GitHub MCP server is the official Model Context Protocol server built and maintained by GitHub. It exposes GitHub's REST and GraphQL APIs as a set of tools that AI agents can invoke, covering repository browsing, issue and pull request management, GitHub Actions workflows, code scanning and Dependabot alerts, Projects, Discussions, Gists, and organization or user queries. It works against GitHub.com, GitHub Enterprise Cloud, and GitHub Enterprise Server.

The server can be consumed two ways. The hosted remote endpoint at https://api.githubcopilot.com/mcp/ requires no local install and supports OAuth or Personal Access Token authentication, and is the easiest path for clients like VS Code, Cursor, and Claude. The self-hosted option runs as a Go binary or Docker image (ghcr.io/github/github-mcp-server) over stdio, which is useful for enterprise environments or restricted networks.

Tools are organized into toolsets (repos, issues, pull_requests, actions, code_security, dependabot, discussions, gists, projects, notifications, orgs, users, and others) that can be selectively enabled via GITHUB_TOOLSETS to reduce token usage and lock down scope. Read-only and lockdown modes are available for safer agentic use.

Tools

Tool Description
get_file_contents Read the contents of a file or directory in a repository.
search_code Search code across GitHub using the code search syntax.
create_or_update_file Create or update a single file in a repository via the Contents API.
list_commits List commits on a repository or branch.
issue_read Get details for an issue including comments and sub-issues.
issue_write Create or update an issue (title, body, labels, assignees, state).
create_pull_request Open a new pull request between two branches.
pull_request_read Read pull request details, files, reviews, and status checks.
actions_list List workflows or workflow runs for a repository.
get_job_logs Fetch logs for a workflow job, including failed-step extraction.
list_code_scanning_alerts List code scanning alerts for a repo.
list_dependabot_alerts List Dependabot vulnerability alerts.
get_me Return information about the authenticated user.
search_users Search for GitHub users.
list_notifications List the authenticated user's notifications.
Setup Guide

Prerequisites

  • A GitHub account
  • Either a GitHub Personal Access Token (fine-grained recommended) with the scopes you want the agent to use, or OAuth via a supported client like VS Code
  • Docker (for the self-hosted option) or a client that supports remote HTTP MCP servers

Option 1: Remote server (recommended)

Point any MCP-capable client at GitHub's hosted endpoint. OAuth example for VS Code:

{
  "servers": {
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp/"
    }
  }
}

PAT variant (works in any HTTP-capable MCP client):

{
  "servers": {
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp/",
      "headers": {
        "Authorization": "Bearer ${input:github_mcp_pat}"
      }
    }
  }
}

Option 2: Self-hosted via Docker (stdio)

Works with Claude Desktop, Cursor, and other stdio MCP clients:

{
  "mcpServers": {
    "github": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "GITHUB_PERSONAL_ACCESS_TOKEN",
        "ghcr.io/github/github-mcp-server"
      ],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_xxx"
      }
    }
  }
}

For GitHub Enterprise Server, add -e GITHUB_HOST and set GITHUB_HOST=https://your-ghes-host.

Useful environment variables

  • GITHUB_PERSONAL_ACCESS_TOKEN: auth token
  • GITHUB_TOOLSETS: comma-separated list, e.g. repos,issues,pull_requests,actions
  • GITHUB_READ_ONLY=1: disable all write tools
  • GITHUB_DYNAMIC_TOOLSETS=1: let the agent enable toolsets on demand
  • GITHUB_HOST: GHES base URL
Use Cases
  • Triage a backlog: list open issues by label, summarize the top bugs, and post a triage comment with proposed priorities.
  • Code review automation: read a PR's diff, run analysis on changed files, and post review comments or request changes.
  • CI failure debugging: pull failed workflow runs, grab the failing job logs, and propose a fix as a new branch and pull request.
  • Security response: list open code scanning and Dependabot alerts across a repo or org and open remediation issues for high-severity findings.
  • Release notes: scan merged PRs and commits since the last tag and draft a changelog or release.
Example Prompts
  • "Open a PR in acme/api that bumps the requests dependency to the latest version and links the related Dependabot alert."
  • "Show me all failing GitHub Actions runs on main in the last 24 hours and summarize the failing steps."
  • "List high-severity code scanning alerts in acme/web and create issues for the ones not already tracked."
  • "Review pull request #482 in acme/api, focus on the auth changes, and leave inline comments on anything risky."
  • "Find every open issue assigned to me across the acme org and group them by repository and priority."
Pros
  • Official, maintained by GitHub, with frequent updates and broad API coverage (60+ tools across most of the GitHub platform).
  • Hosted remote endpoint means zero-install setup with OAuth in supported clients like VS Code.
  • Granular toolset selection plus read-only and lockdown modes for safer agentic workflows.
  • Supports GitHub.com, GitHub Enterprise Cloud, and GitHub Enterprise Server.
Limitations
  • PAT scopes can be coarse; granting an agent enough access for write operations effectively grants broad repo permissions.
  • Self-hosting requires Docker or a Go build; not a single-command npm install.
  • Enabling all toolsets at once consumes a large amount of model context window, so toolset tuning is usually required.
Alternatives
  • Linear MCP server for project tracking if you primarily live in Linear instead of GitHub Issues.
  • GitLab MCP server for the equivalent capabilities on GitLab.
  • Community Git MCP servers (e.g. mcp-server-git) when you only need local Git operations without GitHub API access.
More Developer Tools MCP Servers
AWS API
Bridge that lets AI assistants manage AWS infrastructure by executing validated AWS CLI commands across every AWS service.
AWS CDK
Official AWS Labs MCP server that guides agents through AWS CDK development with prescriptive patterns, CDK Nag security validation, and Solutions Constructs discovery.
AWS CloudWatch
Official AWS Labs MCP server for CloudWatch. Query metrics, analyze logs, investigate alarms, and run PromQL queries for AI-powered root cause analysis.
Aiven
Official MCP server for the Aiven cloud data platform. Manage PostgreSQL, Apache Kafka, and other Aiven services from AI assistants.