copilot-mcp-server
Verified Safeby x51xxx
Overview
Connects an MCP-compatible client (like Claude Code) to GitHub Copilot CLI for automated code analysis, review, refactoring, and brainstorming.
Installation
npx -y @trishchuk/copilot-mcp-serverEnvironment Variables
- COPILOT_MODEL
- COPILOT_MCP_CWD
- HTTPS_PROXY
- HTTP_PROXY
- LOG_LEVEL
Security Notes
The server acts as a proxy to GitHub Copilot CLI, which itself can perform powerful operations like file modification and command execution. The MCP server explicitly exposes and documents security controls such as `allowAllTools`, `allowTool`, `denyTool`, `addDir`, and `allowAllPaths`, which are passed directly to the underlying Copilot CLI. While the server itself uses `cross-spawn` for command execution, it does so to invoke the sandboxed `copilot` CLI. There is no direct `eval` or arbitrary code execution within the MCP server's own logic. The overall security largely depends on how the user configures these tool permissions and directory access controls. Enabling `allowAllTools: true` and `allowAllPaths: true` without careful consideration can introduce significant risks.
Similar Servers
claude-codex-settings
A comprehensive toolkit and configuration for developing Claude Code plugins, integrating various external services and APIs, and enhancing AI-assisted coding workflows.
consult-llm-mcp
An MCP server that allows AI agents like Claude Code to consult stronger, more capable AI models (e.g., GPT-5.2, Gemini 3.0 Pro) for complex code analysis, debugging, and architectural advice.
copilot-kit
Provides a curated collection of GitHub Copilot prompts, instructions, and configurations to enhance developer productivity and streamline AI-assisted programming workflows in VS Code.
copilot-mcp-tool
Integrate GitHub Copilot CLI with Model Context Protocol (MCP) clients to provide AI-powered coding assistance and session management.