Add-ons & integrations Β· MCP
GitHub MCP Server
MCP server maintained by GitHub itself for repos, pull requests, issues, code search, and CI/CD insights β remote or local, with OAuth login.
The GitHub MCP Server connects agents directly to the GitHub platform β in two operating modes. The remote server is hosted by GitHub itself at https://api.githubcopilot.com/mcp/ and, per the README, is the easiest way to get started: sign in via OAuth in the browser (the token then stays only in memory), or alternatively via a Personal Access Token (PAT) in the Authorization: Bearer header. Anyone who wants to keep everything local can start the server as a Docker container (ghcr.io/github/github-mcp-server) with a PAT or OAuth callback β or build it themselves from source via go build.
Capabilities are organized into toolsets that can be individually enabled and disabled: repos (repository operations), issues, pull_requests, actions (CI/CD), code_security (code and secret scanning), plus dependabot, discussions, gists, projects, orgs, users, notifications, and labels. Without specifying anything, context, repos, issues, pull_requests, and users are active by default. The selection is controlled via the --toolsets flag or the GITHUB_TOOLSETS environment variable; individual tools can be enabled via GITHUB_TOOLS. A --read-only flag disables all write-capable tools β useful when the agent should only analyze, not change anything.
This lets an agent triage issues, create and review pull requests, inspect CI runs, and search code across repos β with official vendor support from GitHub rather than a community-built workaround.
π§ SETUP
- Easiest path (remote): register the hosted server in your MCP client as an HTTP server: `{"servers": {"github": {"type": "http", "url": "https://api.githubcopilot.com/mcp/"}}}` β sign in then via OAuth in the browser
- Alternatively with a Personal Access Token instead of OAuth: additionally configure the header `"Authorization": "Bearer <PAT>"`
- Local instead of remote: `docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN=<your-token> ghcr.io/github/github-mcp-server`
- Restrict toolsets as needed, e.g. `--toolsets repos,issues,pull_requests,actions` or via the environment variable `GITHUB_TOOLSETS="repos,issues,pull_requests"`
- For pure analysis tasks, set the `--read-only` flag β write-capable tools are then skipped
β WHEN TO USE IT?
PR and issue work straight from the agent
"Summarize the open issues labeled 'bug', prioritize them, and for the most critical one create a branch with a draft PR" β all via the official GitHub tools, without switching to the browser.
Diagnosing CI/CD failures
Using the `actions` toolset, fetch the failed workflow run from the latest push, analyze the logs, and have a fix suggested directly.
β WHEN NOT TO?
Local git operations in the working directory
The server talks to the GitHub API β it can't see commits, branches, and diffs in a local, not-yet-pushed working state.
Better: Do local git work via the agent's normal git CLI; use the GitHub MCP Server for the platform side (PRs, issues, actions) instead.
The agent should only read but gets full write access
With standard toolsets and a broadly scoped PAT, the agent can change issues, PRs, and more β more permissions than necessary are an unnecessary risk.
Better: Set `--read-only`, keep toolsets minimal, and use a fine-grained PAT with as few scopes as possible.
SOURCES
- GitHub: github/github-mcp-server β github.com
- Remote-Server-Doku (GitHub MCP) β github.com
- Installations-Guides fΓΌr alle MCP-Clients β github.com
- GitHub Docs: Using the GitHub MCP Server β docs.github.com