Clartat-MCP
Verified Safeby Eugenio-BAYE
Overview
Integrate GitHub Projects v2 data with GitHub Copilot Chat for viewing project items and creating issues.
Installation
java -jar target/scala-3.7.3/clartat-mcp.jarEnvironment Variables
- GITHUB_TOKEN
- GITHUB_OWNER
- GITHUB_REPO
- GITHUB_REPO_NAME
Security Notes
The server correctly handles sensitive information by requiring a GitHub Personal Access Token (PAT) via environment variables, not hardcoding it. It uses standard and well-vetted libraries for HTTP communication (sttp.client3) and JSON parsing (Circe). Critically, it implements explicit GraphQL string escaping (`escapeGraphQLString`) for user-provided input (issue title, body) when constructing mutation queries, which is a strong defense against GraphQL injection vulnerabilities. No 'eval' or dynamic code execution is observed. Network communication is exclusively with the official GitHub GraphQL API over HTTPS. The token scopes requested (repo, read:org, read:project) are appropriate for its stated functionality.
Similar Servers
mcp-github-project-manager
AI-powered GitHub Project Management, including automated roadmap generation, sprint planning, issue triaging, task breakdown, and comprehensive project workflow automation.
gh-mcp
A GitHub CLI extension to seamlessly run the github-mcp-server in a Docker container using existing `gh` authentication.
copilot-kit
Provides a curated collection of GitHub Copilot prompts, instructions, and configurations to enhance developer productivity and streamline AI-assisted programming workflows in VS Code.
DevFestIca25-Activity1
Automate project management and issue creation using GitHub Copilot and MCP Server by transforming requirements into actionable GitHub tasks.