Agentifact assessment — independently scored, not sponsored. Last verified Mar 6, 2026.

MCP ServerNEEDS APPROVAL

@modelcontextprotocol/server-github

Provides AI agents with tools to access GitHub repositories, retrieve commits, issues, and perform repository operations via MCP protocol.

Visit @modelcontextprotocol/server-githubVerified · March 6, 2026

✓ Our Verdict

Viable option — review the tradeoffs

Use Case

You need your AI agent to read and act on GitHub repository state—pull commits, check issues, understand code context—without manually copying data into prompts.

SolutionMCP server exposes GitHub API as tools your agent can call directly. Agent can retrieve commits, issues, repository metadata, and perform operations while maintaining GitHub's permission model.

SetupInstall via npx or Docker. Requires GitHub personal access token with appropriate scopes (repo, issues, etc.). Configure in your MCP host (Claude Desktop, Cursor, Windsurf, or custom client). ~10 minutes for basic setup.

Fast, reliable access to GitHub data. Agent sees real-time repository state. Rate limits apply (GitHub API standard limits). Toolset-based access control lets you restrict which GitHub operations the agent can perform. No local git clone needed.

Ecosystem maturity (GitHub-maintained, widely integrated) and security model (explicit toolsets, token scoping) drive the 74 score.

Use Case

You're building an AI coding assistant or DevOps workflow that needs to automate GitHub tasks—create issues, comment on PRs, trigger code scanning—without context switching.

SolutionAgent can invoke GitHub tools (Copilot coding agent, code scanning) and perform repository operations through MCP. Enables cloud-based workflows that work from any device.

SetupSame as above, plus GitHub Copilot subscription (for coding agent) and/or GitHub Advanced Security subscription (for code scanning). Configure toolsets to enable only the operations you need.

Tight integration with GitHub's native tools. Coding agent and security scanning work reliably. Requires appropriate GitHub subscription tier. Toolset granularity means you can lock down agent permissions per operation.

Practical value for code-centric workflows, but subscription requirements limit accessibility.

Limitation — major

GitHub API rate limits apply to agent calls

Each tool invocation hits GitHub's API. Standard rate limits (60 req/hour unauthenticated, 5000 req/hour authenticated) mean high-volume agent workflows may throttle. No built-in batching or caching layer in the MCP server itself.

⚠ Warning

Personal access token scope creep

If you generate a token with broad scopes (repo, admin:org_hook, etc.) and the token leaks, attacker gets full GitHub access. Use minimal scopes (e.g., repo:read_only for read-only agents). Rotate tokens regularly. Store securely in environment variables, never in config files.

Prerequisite

GitHub personal access token with correct scopes

MCP server authenticates to GitHub API via token. Without it, server cannot connect. Token scope determines what agent can do (read repos, write issues, trigger workflows, etc.). Mismatched scopes = silent failures or permission errors.

GitHub accountPersonal access token (classic or fine-grained)

Trust Breakdown

71

Trust scoreSolid

AGENT

Autonomous workflow delegation

TRUST

Transparency & verification

INTEROP

Protocol compatibility breadth

SECURITY

Security controls & audit trail

DOCS

Documentation completeness

How these scores are calculated →

What It Actually Does

In Plain English

This tool lets AI agents connect to GitHub repos to read commits, issues, and other data, plus run actions like updates using the MCP protocol.

Provides AI agents with tools to access GitHub repositories, retrieve commits, issues, and perform repository operations via MCP protocol.

Fit Assessment

Best for

✓code-operations
✓repository-management

71

@modelcontextprotocol/server-github

Solid · 71/100

Visit @modelcontextprotocol/server-github

Score Breakdown

AGENT

Autonomous workflow delegation

TRUST

Transparency & verification

INTEROP

Protocol compatibility breadth

SECURITY

Security controls & audit trail

DOCS

Documentation completeness

Protocol Support

MCP✓

A2A—

A2H—

REST API—

Agent-callable✓

Capabilities

Transaction capable—

ACP support—

Audit trace—

Governance

permission-scoping
rate-limiting

Pricing

Free

Free, open source

Workflow Fit

code-operationsrepository-management

Related Concepts

Browse full Lexicon →

Related Categories

Ready to evaluate @modelcontextprotocol/server-github in your stack?

NEEDS APPROVAL

Visit @modelcontextprotocol/server-github