github-mcp-server
GitHub's official MCP Server enables AI tools and agents to interact with GitHub repositories, issues, pull requests, and workflows through natural language. It supports both remote hosting (via GitHub's API) and local deployment, with OAuth and Personal Access Token authentication options.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | github/github-mcp-server |
| Owner | github |
| Primary language | Go |
| License | MIT — OSI-approved |
| Stars | 31.3k |
| Forks | 4.5k |
| Open issues | 337 |
| Latest release | v1.5.0 (2026-06-27) |
| Last updated | 2026-07-07 |
| Source | https://github.com/github/github-mcp-server |
What github-mcp-server is
A Go-based Model Context Protocol server that exposes GitHub platform capabilities—repository browsing, code analysis, issue/PR management, CI/CD workflows, and security alerts—via HTTP endpoints compatible with VS Code, Claude, Cursor, and other MCP hosts. Offers configurable toolsets, remote hosting at api.githubcopilot.com, and local Docker deployment.
Get the github-mcp-server source
Clone the repository and explore it locally.
git clone https://github.com/github/github-mcp-server.gitcd github-mcp-server# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Authentication: Choose between OAuth (recommended for ease) or GitHub Personal Access Token (PAT); ensure token scopes cover intended operations (repo, issues, workflows, security alerts).
- Deployment model: Decide remote vs. local based on MCP host support and network policy; remote is easier for VS Code/Claude but local offers control.
- Toolset configuration: Default toolsets are pre-configured, but custom toolsets allow fine-tuning which capabilities are exposed to AI agents.
- Version compatibility: VS Code requires v1.101+ for remote MCP support; verify target IDE/CLI versions before deployment.
- Policies and governance: Review GitHub's policies documentation to understand rate limits, action constraints, and audit logging requirements.
When to avoid it — and what to weigh
- GitHub Enterprise Server deployments — Remote server is not supported for GHE Server; only local deployment with custom setup is available, increasing operational complexity.
- Air-gapped or restricted network environments — Remote hosting requires connectivity to api.githubcopilot.com; local deployment with network egress restrictions will require careful firewall configuration.
- No tolerance for token management overhead — OAuth and PAT token lifecycle management adds operational burden; ensure your org has token rotation and revocation procedures in place.
- Requiring guarantees of data isolation — Remote server passes requests through GitHub-hosted infrastructure; if data residency or strict isolation is mandated, local-only deployment is required.
License & commercial use
MIT License. Permits commercial use, modification, and redistribution with only attribution and liability disclaimer required. No copyleft obligations.
MIT is a permissive OSI license compatible with commercial products. No license-imposed restrictions on use within commercial applications, internal tools, or SaaS offerings. Verify compliance with any third-party dependencies separately.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Strong |
| Assessment confidence | High |
Token security: PAT and OAuth tokens grant programmatic access to repositories; implement secure storage (e.g., credential managers), rotation policies, and minimal scopes. API rate limiting: GitHub enforces rate limits; monitor consumption to prevent service disruption. Audit logging: Requires explicit configuration; ensure MCP host logs AI agent actions for compliance. Network exposure: Remote server involves GitHub-hosted infrastructure; local deployment reduces external dependency but requires internal hosting. No explicit security audit data, threat model, or CVE history provided in source data.
Alternatives to consider
GitHub REST API with custom integration
Full programmatic control but requires custom MCP wrapper development; higher engineering lift, no native LLM agent protocol support.
GitHub CLI (gh) + shell-based automation
Lower-level, no MCP abstraction; suitable for scripting but not AI agent integration; limited natural language interface.
Third-party MCP servers (e.g., Anthropic's tools or community servers)
May offer broader capabilities or different licensing, but lack official GitHub support and endorsement; integration testing and maintenance burden shifts to third party.
Build on github-mcp-server with DEV.co software developers
Start with one-click remote installation in VS Code 1.101+, or deploy locally with Docker. Choose OAuth or PAT auth and begin automating repository management with AI today.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
github-mcp-server FAQ
Can I use this with GitHub Enterprise Server?
Do I need a GitHub Personal Access Token or can I use OAuth?
What are rate limits and how do they affect AI agent workflows?
Is data processed by the remote server stored or logged?
Software development & web development with DEV.co
Adopting github-mcp-server is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate mcp servers software in production.
Ready to connect AI to your GitHub workflows?
Start with one-click remote installation in VS Code 1.101+, or deploy locally with Docker. Choose OAuth or PAT auth and begin automating repository management with AI today.