gh-mcp
Verified Safeby shuymn
Overview
A GitHub CLI extension to seamlessly run the github-mcp-server in a Docker container using existing `gh` authentication.
Installation
gh mcpSecurity Notes
Leverages GitHub CLI for authentication, ensuring tokens are handled by the trusted `gh` CLI and not stored by the extension. The Docker container runs with `--rm` for automatic cleanup, preventing data persistence. Credentials are passed to the container via environment variables. Crucially, the Docker image for the MCP server is pinned to a specific SHA256 digest (`ghcr.io/github/github-mcp-server@sha256:744cf8e42ded1c9bb6cdbd9d64fc66bd898cf4093cb3674febc000a9f64c35c0`), which prevents supply chain attacks via mutable tags. The primary security consideration outside of this extension's direct control is the trust in the official `github-mcp-server` Docker image itself.
Similar Servers
mcp-servers
A curated collection of Model Context Protocol (MCP) server configurations to integrate various developer tools and services with AI agents.
git-mcp-server
A Model Context Protocol (MCP) server that provides Git-specific tools and resources for AI/LLM agents to interact with version control systems.
docker-mcp-server
A Model Context Protocol (MCP) server for containerized execution and file operations, enabling AI assistants to interact with a Docker environment via HTTP.
poly-git-mcp
Provides Model Context Protocol (MCP) tools for AI assistants to manage Git repositories, issues, pull requests, and CI/CD across GitHub, GitLab, Gitea, and Bitbucket platforms.