mcp-server-for-Github
by crypto-ninja
Overview
Automates comprehensive GitHub workflows for AI agents, including repository management, issue tracking, pull request operations, code search, and file management, enabling AI-powered development.
Installation
python -m github_mcpEnvironment Variables
- GITHUB_TOKEN
- GITHUB_APP_ID
- GITHUB_APP_INSTALLATION_ID
- GITHUB_APP_PRIVATE_KEY_PATH
- GITHUB_APP_PRIVATE_KEY
- GITHUB_AUTH_MODE
- MCP_WORKSPACE_ROOT
- GITHUB_API_BASE_URL
- GITHUB_MCP_DEBUG_AUTH
Security Notes
The Deno runtime executes user-provided TypeScript code using `new Function()`, which the project's own code review identifies as a 'HIGH PRIORITY' security risk due to potential global scope access, prototype pollution, and lack of AST validation. While `code-validator.ts` implements a strong blacklist of dangerous patterns (e.g., `eval()`, `Deno.run()`, `__proto__` access), a blacklist is inherently less secure than a whitelist or true sandbox. A bypass in this validation layer could lead to code execution vulnerabilities. The Deno sandbox permissions (`--allow-read`, `--allow-run`, `--allow-env`, `--allow-net`) are also broad, though network access is intended to be limited to GitHub API.
Similar Servers
github-mcp-server
Connects AI tools (agents, assistants, chatbots) directly to GitHub's platform, enabling natural language interactions for repository management, issue/PR automation, code analysis, and workflow automation.
responsible-vibe-mcp
Transforms any AI coding agent into a structured development partner by guiding it through battle-tested engineering workflows with persistent context and documentation.
github-mcp-server
Automate comprehensive GitHub workflows including repository management, issue tracking, pull request operations, file management, and CI/CD monitoring, designed for AI-powered development teams with extreme token efficiency.
mcp-gihub-integration
This package provides a GitHub API client for integration with an MCP (Model Context Protocol) server, enabling automation of GitHub tasks.