Skip to main content
mcpFirst-partyLow risk Safety Privacy
GitHub logo

GitHub MCP Server for Claude

Official GitHub MCP server providing comprehensive GitHub API access for repository management, file operations, and search functionality

HarnessClaude CodeCodexCursorClaude Desktop

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://github.com/github/github-mcp-server, https://github.com/JSONbored/awesome-claude/blob/main/content/mcp/github-mcp-server.mdx
Brand
GitHub
Brand domain
github.com
Brand asset source
brandfetch
Package URL
/downloads/mcp/github-mcp-server.mcpb
Package SHA256
0cbf34c03e258fe4bae54d619073caa8277f026af7103ee92323be2a97e7a923
Safety notes
Use a least-privilege GitHub token because repository, issue, pull request, and file operations can modify public or private projects.
Privacy notes
Repository contents, issues, pull requests, comments, org metadata, and user details may be sent through model context.
Author
GitHub
Claim status
unclaimed
Last verified
2025-09-18

Decision playbook

Ready to evaluate for your workflow

Signals are comparatively strong, but you should still validate source, privacy posture, and package provenance for your environment.

Compare context
Selected

0

Current score

96

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as first-party.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Complete

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    Package marked verified.

    Done
  • Checksum metadata

    SHA-256 hash is present.

    Done

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

Package install

Copy-ready — paste the snippet to get started.

3 minutes

Install command

Provided

Config snippet

Provided

Copy snippet

Provided

Prerequisites

10 to clear

Platforms

4 listed

Difficulty

0/100

Adoption plan

Balanced adoption plan

Current risk score 0/100. Use staged verification before broader rollout.

Risk 0

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    Package verification/checksum metadata is available.

    Done

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (6/6 signals complete).

Risk 0

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Present

Package integrity metadata is present.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

6/6 steps complete with no blocking gaps for this preset.

Risk 0

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is available.

Done

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

10 prerequisites to line up before setup. Have accounts and credentials ready first.

0/10 ready
Account & credentials4Install & runtime1Permissions & scopes1Network & hosting1General33 minutes

Safety & privacy surface

Safety & privacy surface

1 safety and 1 privacy notes across 2 risk areas. Review closely: credentials & tokens, network access.

2 areas
  • SafetyCredentials & tokensUse a least-privilege GitHub token because repository, issue, pull request, and file operations can modify public or private projects.
  • PrivacyNetwork accessRepository contents, issues, pull requests, comments, org metadata, and user details may be sent through model context.

Safety notes

  • Use a least-privilege GitHub token because repository, issue, pull request, and file operations can modify public or private projects.

Privacy notes

  • Repository contents, issues, pull requests, comments, org metadata, and user details may be sent through model context.

Prerequisites

  • GitHub account (sign up at https://github.com if needed)
  • GitHub Personal Access Token with repo scope (generate from GitHub Settings > Developer Settings > Personal Access Tokens)
  • Docker installed and running (verify with: docker --version)
  • Internet connection (remote GitHub API access required)
  • Understanding of GitHub API rate limits (5,000 requests/hour for Personal Access Tokens, 15,000/hour for GitHub Apps on Enterprise Cloud)
  • Understanding of repository permissions (read access for viewing, write access for creating/updating files)
  • Understanding of SSO requirements (organization repos may require SSO authorization for Personal Access Tokens)
  • Understanding of repository naming format (owner/repo-name, e.g., github/octocat)
  • Claude Desktop 0.7.0+ or Claude Code with MCP support
  • Understanding of Git concepts (branches, commits, repository structure) for effective use

Schema details

Install type
package
Reading time
1 min
Difficulty score
0
Troubleshooting
Yes
Breaking changes
No
Package metadata
Package verified
Yes
SHA-256
0cbf34c03e258fe4bae54d619073caa8277f026af7103ee92323be2a97e7a923
Skill and platform metadata
Retrieval sources
https://github.com/github/github-mcp-server
Collection metadata
Estimated setup
3 minutes
Difficulty
beginner
Full copyable content
{
  "github": {
    "env": {
      "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}"
    },
    "args": [
      "run",
      "-i",
      "--rm",
      "-e",
      "GITHUB_PERSONAL_ACCESS_TOKEN",
      "ghcr.io/github/github-mcp-server"
    ],
    "command": "docker"
  }
}

About this resource

Content

Transform how you interact with GitHub repositories by connecting Claude to the official GitHub MCP Server. Seamlessly read, create, and update files across repositories, search code and issues, manage pull requests, and analyze repository insights—all through natural language commands with automatic branch creation and proper Git history preservation.

Features

  • Create, read, update, and delete files across repositories
  • Access repository information, branches, and metadata
  • Search code, issues, pull requests, and users
  • Automatic branch creation and Git history preservation
  • Batch operations support for multi-file changes
  • Repository insights and contributor statistics
  • Advanced GitHub repository and issue management with pull request workflows, code review automation, and team collaboration features
  • Batch operations support for efficient bulk repository operations, issue management, and code review processes with automatic rate limit handling and retry logic
  • Real-time repository synchronization capabilities with webhook integration support for monitoring GitHub events and triggering automated workflows

Use Cases

  • Browse and manage repository files and folders
  • Search code across multiple repositories
  • Access repository information and commit history
  • Create and update files with proper Git history
  • Find issues, pull requests, and collaborators
  • Analyze codebase structure and development patterns
  • Build automated development workflows that sync external systems with GitHub for real-time code management, issue tracking, and collaboration

Installation

Claude Code

  1. Generate a GitHub Personal Access Token with repo scope from GitHub Settings > Developer Settings
  2. Run: claude mcp add github -e GITHUB_PERSONAL_ACCESS_TOKEN=YOUR_TOKEN -- docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN ghcr.io/github/github-mcp-server
  3. Verify installation: claude mcp list
  4. Test connection: claude mcp status github

Claude Desktop

  1. Generate a GitHub Personal Access Token with repo permissions from GitHub Settings > Developer Settings
  2. Open your Claude Desktop configuration file (see configPath below)
  3. Add the GitHub MCP server configuration with your token in the env section
  4. Restart Claude Desktop
  5. Verify connection by asking Claude to show your repositories

Requirements

  • GitHub account (sign up at https://github.com if needed)
  • GitHub Personal Access Token with repo scope (generate from GitHub Settings > Developer Settings > Personal Access Tokens)
  • Docker installed and running (verify with: docker --version)
  • Internet connection (remote GitHub API access required)
  • Understanding of GitHub API rate limits (5,000 requests/hour for Personal Access Tokens, 15,000/hour for GitHub Apps on Enterprise Cloud)
  • Understanding of repository permissions (read access for viewing, write access for creating/updating files)
  • Understanding of SSO requirements (organization repos may require SSO authorization for Personal Access Tokens)
  • Understanding of repository naming format (owner/repo-name, e.g., github/octocat)
  • Claude Desktop 0.7.0+ or Claude Code with MCP support
  • Understanding of Git concepts (branches, commits, repository structure) for effective use

Configuration

{
  "github": {
    "env": {
      "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}"
    },
    "args": ["run", "-i", "--rm", "-e", "GITHUB_PERSONAL_ACCESS_TOKEN", "ghcr.io/github/github-mcp-server"],
    "command": "docker"
  }
}

Examples

Reading Repository Files

Read files and directories from any GitHub repository you have access to. Claude will fetch the content and help you understand or modify it.

// Ask Claude to read a specific file
"Can you show me the contents of src/lib/utils.ts from my-org/my-repo?";

// Or read multiple files
"Show me all TypeScript files in the src/components directory of my-org/my-repo";

Creating and Updating Files

Create new files or update existing ones. The MCP server automatically creates branches and maintains proper Git history for all changes.

// Create a new React component
"Create a new Button component in my-org/my-repo at src/components/Button.tsx with TypeScript and proper props";

// Update existing file
"Update the README.md in my-org/my-repo to include installation instructions for the new Button component";

Searching Code Across Repositories

Search code using GitHub's powerful search API. Find functions, classes, patterns, or specific implementations across your repositories.

// Search for specific patterns
"Find all files in my-org/my-repo that use the 'useState' hook";

// Search across multiple repos
"Search all my repositories for functions that handle authentication";

Managing Issues and Pull Requests

Query issues and pull requests using GitHub's search syntax. Filter by labels, status, author, and more.

// List issues
"Show me all open issues with the 'bug' label in my-org/my-repo";

// Find pull requests
"Find all pull requests that mention 'authentication' in my-org/my-repo";

Repository Information and Statistics

Access repository metadata, statistics, and insights. Useful for analyzing project health and contributor activity.

// Get repository details
"Show me information about my-org/my-repo including stars, forks, and main language";

// List all repositories
"List all repositories in my-org organization sorted by stars";

Batch File Operations

Perform multiple file operations atomically. The MCP server handles branch creation and ensures all changes are committed together.

// Create multiple related files at once
"Create a new feature in my-org/my-repo:
- Component file at src/components/Feature.tsx
- Test file at src/components/Feature.test.tsx
- Export it from src/components/index.ts"

Create Issue with Labels

Create a new GitHub issue with labels and description

// Create GitHub issue with labels
const issue = await github.issues.create({
  owner: "owner",
  repo: "repo",
  title: "Bug: Fix authentication error",
  body: "Issue description",
  labels: ["bug", "high-priority"],
});

Security

  • Use Personal Access Tokens with minimal required scopes
  • Store tokens securely and rotate regularly
  • Respect GitHub API rate limits
  • All operations maintain proper Git history
  • Built-in error handling for API issues
  • GitHub personal access tokens and OAuth tokens must be securely stored and never exposed in client-side code or public repositories - use environment variables and secure credential management
  • GitHub OAuth access tokens should be scoped with minimal required permissions following the principle of least privilege - regularly audit token permissions and remove unused scopes
  • GitHub repository, issue, and pull request IDs may expose organizational structure and development patterns - ensure GitHub resource identifiers are kept private and not shared in public configurations
  • Rate limiting and API quota management are critical for GitHub MCP servers - implement proper rate limit handling, retry logic, and quota monitoring to prevent service disruption
  • GitHub webhook configurations and payloads may contain sensitive repository data and code information - ensure webhook endpoints are properly secured with authentication and HTTPS encryption

Troubleshooting

API rate limit exceeded: 5000 requests per hour hit

Personal access tokens have 5,000 requests/hour limit. Wait for hourly reset or use GitHub App with 15,000/hour limit for Enterprise Cloud. Check X-RateLimit-Reset header for reset time.

HTTP 401 unauthorized error with valid token

Regenerate personal access token from GitHub Settings > Developer Settings. Verify token includes repo scope for repository access. Check token hasn't expired and update GITHUB_PERSONAL_ACCESS_TOKEN in config.

403 forbidden when accessing organization repos

Authorize token for SSO if organization requires it. Go to GitHub Settings > Applications > Personal Access Tokens, click Configure SSO, and authorize organization. Verify you have repo access.

Repository not found or access denied error

Verify repository name spelling: owner/repo-name format. Check you have read permissions to repository. For private repos, ensure token has repo scope, not just public_repo.

Cannot create or update files - permission error

Verify token has repo write permissions. Check repository isn't archived or locked. For organization repos, confirm you have push access and branch protection rules allow commits.

GitHub MCP server authentication errors with tokens

Verify personal access token is valid and not expired. Check token scopes match required operations. Ensure token format is correct (Bearer token in Authorization header). For OAuth integrations, verify token refresh logic is working correctly.

GitHub rate limit errors when making multiple API calls

Implement exponential backoff retry logic with jitter. Use GitHub API rate limit headers to monitor usage. Reduce concurrent requests. Cache frequently accessed repository data. GitHub allows 5,000 requests per hour for authenticated users.

GitHub repository or issue access denied errors

Verify token has access to the repository. Check repository permissions and organization membership. Ensure token has required scopes (repo, issues, pull_requests) for target operations.

GitHub MCP server connection timeouts or network errors

Check network connectivity and firewall settings. Verify GitHub API endpoints are accessible. Increase request timeout values. Implement connection pooling and retry mechanisms with exponential backoff.

Source citations

Add this badge to your README

Show that GitHub MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/github-mcp-server.svg)](https://heyclau.de/entry/mcp/github-mcp-server)

How it compares

GitHub MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).

Field

Official GitHub MCP server providing comprehensive GitHub API access for repository management, file operations, and search functionality

Open dossier

Official MCP server providing Git repository tools for reading, searching, and manipulating Git repositories

Open dossier

Official LINE MCP server that connects Claude and other AI agents to the LINE Messaging API for push messages, broadcasts, profile lookup, quotas, follower IDs, and rich-menu management.

Open dossier

Read and write records, manage bases and tables in Airtable directly from Claude

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustDiffersPackage verifiedPackage verifiedPackage not verifiedPackage verified
Source provenanceDiffersSource-backedNo submission linkSource-backedNo submission link
SubmitterDiffersoktofeesh1
Install riskLow riskLow riskReview firstLow risk
Notes Safety Privacy Safety Privacy Safety Privacy Safety Privacy
BrandGitHub logoGitHubAnthropic logoAnthropicLINE Bot MCP Server logoLINE Bot MCP ServerAirtable logoAirtable
Categorymcpmcpmcpmcp
Sourcefirst-partyfirst-partysource-backedfirst-party
AuthorGitHubAnthropicLINEdomdomegg
Added2025-09-182025-09-162026-06-062025-09-18
Platforms
Claude CodeCodexCursorClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Claude CodeClaude Desktop
Source repo
Safety notesUse a least-privilege GitHub token because repository, issue, pull request, and file operations can modify public or private projects.Restrict access to intended repositories and review write operations because commands can alter branches, commits, and working trees.LINE Bot MCP Server can push text and flex messages to users, broadcast messages to all followers, retrieve follower IDs, inspect profiles, check message quotas, create rich menus, set default rich menus, cancel defaults, and delete rich menus. Broadcast and rich-menu tools can affect every user following the connected LINE Official Account, so require human approval before running them in production. Push-message tools can contact individual users directly; confirm the target `userId`, message body, and account context before sending. Rich-menu tools can upload generated menu images and change user-facing navigation for the account. Use least-privilege channel tokens where possible, keep test and production LINE accounts separate, and monitor quota consumption. The upstream README marks the project as a preview version for experimental use with potentially incomplete functionality or support.Restrict the Airtable API key to the bases and write scopes Claude is allowed to use before enabling record or schema changes.
Privacy notesRepository contents, issues, pull requests, comments, org metadata, and user details may be sent through model context.Source code, commit history, author metadata, file paths, and repository configuration may be sent through tool calls.Channel access tokens, destination user IDs, follower IDs, profile display names, profile picture URLs, status messages, language, message contents, flex-message JSON, and rich-menu IDs can be exposed to the MCP client. Broadcast prompts, generated messages, user IDs, and profile results may be retained in MCP client logs, terminal history, model context, or chat transcripts. Treat LINE Official Account credentials and recipient identifiers as secrets, and avoid pasting real tokens or user IDs into shared logs. Review LINE platform policies and internal consent requirements before retrieving follower IDs or using AI-generated outbound messages.Airtable records, field values, attachments, and base metadata may be sent through the MCP client and model context.
Prerequisites
  • GitHub account (sign up at https://github.com if needed)
  • GitHub Personal Access Token with repo scope (generate from GitHub Settings > Developer Settings > Personal Access Tokens)
  • Docker installed and running (verify with: docker --version)
  • Internet connection (remote GitHub API access required)
  • Git installed (verify with: git --version, install via sudo apt install git (Linux) or brew install git (macOS))
  • Node.js and npx available (comes with Node.js, verify with: npx --version)
  • Local Git repository (server works with local repositories only, navigate to repository root directory)
  • File system read permissions for repository directory (check with ls -l or icacls)
  • Node.js 22 or newer for the published npm package.
  • A LINE Official Account with the Messaging API enabled.
  • A LINE channel access token with the permissions needed for the intended tools.
  • A destination user ID when using the default recipient flow for push-message tools.
  • Node.js 18+ installed for running npx commands and MCP server packages
  • Airtable Personal Access Token (PAT) from https://airtable.com/account
  • Required API scopes: data.records:read (minimum), data.records:write (for updates), schema.bases:read (for schema operations)
  • Base ID for the Airtable base you want to access (starts with 'app' prefix)
Install
claude mcp add github -e GITHUB_PERSONAL_ACCESS_TOKEN=YOUR_TOKEN -- docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN ghcr.io/github/github-mcp-server && claude mcp list
claude mcp list && claude mcp status git
npx -y @line/line-bot-mcp-server
claude mcp add airtable --env AIRTABLE_API_KEY=YOUR_KEY -- npx -y airtable-mcp-server && claude mcp list
Config
{
  "mcpServers": {
    "github": {
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}"
      },
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "GITHUB_PERSONAL_ACCESS_TOKEN",
        "ghcr.io/github/github-mcp-server"
      ],
      "command": "docker",
      "type": "stdio"
    }
  }
}
{
  "mcpServers": {
    "git": {
      "args": [
        "-y",
        "@modelcontextprotocol/server-git"
      ],
      "command": "npx",
      "type": "stdio"
    }
  }
}
Manual-only setup:
claude mcp add line-bot --env CHANNEL_ACCESS_TOKEN=YOUR_CHANNEL_ACCESS_TOKEN -- npx -y @line/line-bot-mcp-server
{
  "mcpServers": {
    "airtable": {
      "env": {
        "AIRTABLE_API_KEY": "${AIRTABLE_API_KEY}"
      },
      "args": [
        "-y",
        "airtable-mcp-server"
      ],
      "command": "npx",
      "type": "stdio"
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Related guides

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.