Github-MCP-Server
Verified Safeby relix23
Overview
Provides a lightweight Model Context Protocol (MCP) server for integrating with GitHub APIs to fetch, transform, cache, and route GitHub data, acting as a bridge for client applications.
Installation
docker run -p 8080:8080 -e GITHUB_TOKEN=your_token github-mcp-server:latestEnvironment Variables
- GITHUB_TOKEN
Security Notes
The server adheres to good practices by loading the GitHub token from environment variables. No direct use of 'eval' or code obfuscation is present. The 'get_file_content' function constructs URLs to raw.githubusercontent.com, which is designed to fetch public raw file content from GitHub and is inherently limited to that domain, reducing arbitrary Server-Side Request Forgery (SSRF) risk to internal networks. The primary security consideration lies in the scope of the `GITHUB_TOKEN` provided; if granted broad permissions (e.g., 'repo' scope), the server acts as a powerful proxy, enabling clients capable of invoking its MCP tools to perform sensitive GitHub actions. Secure deployment requires careful token scope management and robust authentication/authorization for clients interacting with the MCP server.
Similar Servers
tutto-mcp-server
Implements a Model Context Protocol (MCP) server in Python using FastMCP to expose custom tools and resources for consumption by language models.
mcp-skeleton
A generic template for building Model Context Protocol (MCP) servers to expose custom business logic as tools for AI models and clients.
mcp-github-client
This server integrates the GitHub REST API as a Model Context Protocol (MCP) tool, enabling interactive access to GitHub repositories, issues, and code search for AI models.
mcp-oauth-mcpserver-blueprint
MCP server with OAuth 2.1 authentication for secure GitHub API access, designed to run locally in MCP hosts like Visual Studio Code.