mackenzie-github-mcp-server
An MCP (Model Context Protocol) server that exposes a set of GitHub operations (users, issues, pull requests, repositories, code search, and some code scanning alerts) to AI agents by wrapping GitHub APIs behind MCP tools. It can be run via Docker or built from source (Go binary) and authenticates to GitHub using a Personal Access Token passed via an environment variable.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Uses a PAT provided via an environment variable; this is typical, but an overly permissive token increases the blast radius. The README does not document least-privilege scopes per tool, nor how secrets are handled internally (logging, redaction). Transport security (HTTPS to GitHub) is likely provided by the underlying GitHub client but is not explicitly stated. The project is MIT-licensed; dependency hygiene and vulnerability posture are not verifiable from the provided content.
⚡ Reliability
Best When
You want an MCP-native integration for agent tooling in VS Code or Claude Desktop and you’re comfortable authenticating via a GitHub PAT and operating the container/binary.
Avoid When
You need a public, vendor-hosted service with guaranteed SLAs, or you need fine-grained webhook/event delivery (this appears to be request/response tooling only).
Use Cases
- Automating GitHub workflows and repository interactions (issues, PRs, comments, branches, files).
- Building AI-powered developer tools that read and update GitHub resources.
- Searching GitHub for issues/pull requests, repositories, users, and code; optionally retrieving code scanning alerts.
Not For
- Running without GitHub credentials for any privileged actions (most operations require a token).
- Highly regulated environments that disallow use of personal access tokens without additional governance/controls.
- Use as a general-purpose GitHub API proxy when you need a stable HTTP/SDK contract rather than MCP tool semantics.
Interface
Authentication
Authentication is via a PAT provided to the server container/binary. The README instructs users to enable the permissions they feel comfortable granting, but does not document the required scopes per tool.
Pricing
No service pricing described; usage depends on where you host/run the MCP server (Docker image or self-hosted binary) and GitHub API usage/limits.
Agent Metadata
Known Gotchas
- ⚠ Write operations may be non-idempotent (creating issues/comments/merges/files). Agents should avoid blind retries without deduplication logic.
- ⚠ Authentication is based on a PAT; mis-scoped tokens will cause authorization failures, but the required scopes per tool are not documented here.
- ⚠ Rate limiting behavior is not described in the provided README (agents may need to handle GitHub rate limits defensively).
- ⚠ The repository metadata indicates the project is archived; tooling may lag behind GitHub API changes.
Alternatives
Scores are editorial opinions as of 2026-04-04.