Back to Skill Directory
Development

GitHub

BYgithub0GRADE B

GitHub's official MCP Server

View Source on GitHub

Config Installation

Add this to your claude_desktop_config.json:

{
  "mcpServers": {
    "github": {
      "command": "npx",
      "args": [
        "-y",
        "@modelcontextprotocol/server-github"
      ]
    }
  }
}

* Note: Requires restart of Claude Desktop app.

View Source Code

Deployment Infrastructure

Supabase
Database & Auth
Vercel
Serverless Deploy
OWN THIS SKILL?

Apply for the Verified Badge to boost trust and rankings.

Claim & Verify ($99)

Adoption Framework for GitHub

Before installing any skill, define a clear objective and measurable outcome. A useful implementation question is: what workflow becomes faster, safer, or more reliable after this skill is active? If that answer is vague, delay rollout and tighten scope first.

For most teams, a low-risk pattern is preview-first rollout with one owner, one test scenario, and one rollback plan. Capture failures in a structured log so quality decisions are evidence-based. This is especially important for skills that touch file systems, external APIs, or automation chains with downstream side effects.

  • Define success metrics before installation.
  • Validate permission scope against policy boundaries.
  • Run one controlled pilot and document failure categories.
  • Promote only after acceptance checks pass consistently.

Pre-Deployment Review Questions

Use these questions before enabling the skill in shared environments. They reduce surprise incidents and make approval decisions consistent across teams.

  • What data can this skill read, write, or transmit by default?
  • Which failures are recoverable automatically and which require manual stop?
  • Do we have verifiable logs that prove safe behavior under load?
  • Is rollback tested, documented, and assigned to a clear owner?

If any answer is unclear, keep rollout in preview and close the gap before production use.

Editorial Review Snapshot

This listing includes an editorial QA layer in addition to automated rendering. Review status is based on documentation depth, content uniqueness, and operational safety signals from the upstream repository.

  • Last scan date: 2026-01-18
  • README depth: 988 words
  • Content diversity score: 0.51 (higher is better)
  • Template signal count: 0
  • Index status: Index eligible

Recommendation: Pilot in a bounded environment first. Confirm observability and ownership before promoting to shared workflows.

Skill Implementation Board

Actionable utility module for rollout decisions. Use the inputs below to choose a deployment path, then execute the checklist and record an output note.

Input: Security Grade

B

Input: Findings

0

Input: README Depth

988 words

Input: Index State

Eligible

Decision TriggerActionExpected Output
Input: risk band moderate, docs partial, findings 0Run a preview pilot with fixed ownership and observability checkpoints.Pilot can start with rollback checklist attached.
Input: page is index-eligibleProceed with external documentation and team onboarding draft.Reusable rollout runbook ready for team adoption.
Input: context tags/scenarios are missingDefine two concrete scenarios before broad rollout.Clear scope definition before further deployment.

Execution Steps

  1. Capture objective, owner, and rollback contact.
  2. Run one preview pilot with fixed test scenario.
  3. Record warning behavior and recovery evidence.
  4. Promote only if pilot output matches expected threshold.

Output Template

skill=github
mode=B
pilot_result=pass|fail
warning_count=0
next_step=rollout|patch|hold

🛡️ Security Analysis

SCANNED: 2026-01-18
SCORE: 80/100

Clean Scan Report

Our static analysis engine detected no common vulnerabilities (RCE, API Leaks, Unbounded FS).

DocumentationREADME.md

Note: The content below is automatically rendered from the repository's README file.

Go Report Card

GitHub MCP Server

The GitHub MCP Server connects AI tools directly to GitHub's platform. This gives AI agents, assistants, and chatbots the ability to read repositories and code files, manage issues and PRs, analyze code, and automate workflows. All through natural language interactions.

Use Cases

  • Repository Management: Browse and query code, search files, analyze commits, and understand project structure across any repository you have access to.
  • Issue & PR Automation: Create, update, and manage issues and pull requests. Let AI help triage bugs, review code changes, and maintain project boards.
  • CI/CD & Workflow Intelligence: Monitor GitHub Actions workflow runs, analyze build failures, manage releases, and get insights into your development pipeline.
  • Code Analysis: Examine security findings, review Dependabot alerts, understand code patterns, and get comprehensive insights into your codebase.
  • Team Collaboration: Access discussions, manage notifications, analyze team activity, and streamline processes for your team.

Built for developers who want to connect their AI tools to GitHub context and capabilities, from simple natural language queries to complex multi-step agent workflows.

Remote GitHub MCP Server

Install in VS Code Install in VS Code Insiders

The remote GitHub MCP Server is hosted by GitHub and provides the easiest method for getting up and running. If your MCP host does not support remote MCP servers, don't worry! You can use the local version of the GitHub MCP Server instead.

Prerequisites

  1. A compatible MCP host with remote server support (VS Code 1.101+, Claude Desktop, Cursor, Windsurf, etc.)
  2. Any applicable policies enabled

Install in VS Code

For quick installation, use one of the one-click install buttons above. Once you complete that flow, toggle Agent mode (located by the Copilot Chat text input) and the server will start. Make sure you're using VS Code 1.101 or later for remote MCP and OAuth support.

Alternatively, to manually configure VS Code, choose the appropriate JSON block from the examples below and add it to your host configuration:

Using OAuthUsing a GitHub PAT
VS Code (version 1.101 or greater)
{
  "servers": {
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp/"
    }
  }
}

{
  "servers": {
    "github": {
      "type": "http",
      "url": "https://api.githubcopilot.com/mcp/",
      "headers": {
        "Authorization": "Bearer ${input:github_mcp_pat}"
      }
    }
  },
  "inputs": [
    {
      "type": "promptString",
      "id": "github_mcp_pat",
      "description": "GitHub Personal Access Token",
      "password": true
    }
  ]
}

Install in other MCP hosts

Note: Each MCP host application needs to configure a GitHub App or OAuth App to support remote access via OAuth. Any host application that supports remote MCP servers should support the remote GitHub server with PAT authentication. Configuration details and support levels vary by host. Make sure to refer to the host application's documentation for more info.

Configuration

Toolset configuration

See Remote Server Documentation for full details on remote server configuration, toolsets, headers, and advanced usage. This file provides comprehensive instructions and examples for connecting, customizing, and installing the remote GitHub MCP Server in VS Code and other MCP hosts.

When no toolsets are specified, default toolsets are used.

GitHub Enterprise

GitHub Enterprise Cloud with data residency (ghe.com)

GitHub Enterprise Cloud can also make use of the remote server.

Example for https://octocorp.ghe.com with GitHub PAT token:

{
    ...
    "proxima-github": {
      "type": "http",
      "url": "https://copilot-api.octocorp.ghe.com/mcp",
      "headers": {
        "Authorization": "Bearer ${input:github_mcp_pat}"
      }
    },
    ...
}

Note: When using OAuth with GitHub Enterprise with VS Code and GitHub Copilot, you also need to configure your VS Code settings to point to your GitHub Enterprise instance - see Authenticate from VS Code

GitHub Enterprise Server

GitHub Enterprise Server does not support remote server hosting. Please refer to GitHub Enterprise Server and Enterprise Cloud with data residency (ghe.com) from the local server configuration.

Local GitHub MCP Server

Install with Docker in VS Code Install with Docker in VS Code Insiders

Prerequisites

  1. To run the server in a container, you will need to have Docker installed.
  2. Once Docker is installed, you will also need to ensure Docker is running. The Docker image is available at ghcr.io/github/github-mcp-server. The image is public; if you get errors on pull, you may have an expired token and need to docker logout ghcr.io.
  3. Lastly you will need to Create a GitHub Personal Access Token. The MCP server can use many of the GitHub APIs, so enable the permissions that you feel comfortable granting your AI tools (to learn more about access tokens, please check out the documentation).
Handling PATs Securely

Environment Variables (Recommended)

To keep your GitHub PAT secure and reusable across different MCP hosts:

  1. Store your PAT in environment variables

    export GITHUB_PAT=your_token_here

    Or create a .env file:

    GITHUB_PAT=your_token_here

  2. Protect your .env file

    # Add to .gitignore to prevent accidental commits
echo ".env" >> .gitignore

  3. Reference the token in configurations

    # CLI usage
claude mcp update github -e GITHUB_PERSONAL_ACCESS_TOKEN=$GITHUB_PAT

# In config files (where supported)
"env": {
  "GITHUB_PERSONAL_ACCESS_TOKEN": "$GITHUB_PAT"
}

Note: Environment variable support varies by host app and IDE. Some applications (like Windsurf) require hardcoded tokens in config files.

Token Security Best Practices

  • Minimum scopes: Only grant necessary permissions
    • repo - Repository operations
    • read:packages - Docker image access
    • read:org - Organization team access
  • Separate tokens: Use different PATs for different projects/environments
  • Regular rotation: Update tokens periodically
  • Never commit: Keep tokens out o

...(truncated)