GitHub MCP Server

Official GitHub MCP server enabling AI agents to interact with GitHub repositories, issues, pull requests, code search, Actions workflows, and more — built by GitHub.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Developer Tools github git version-control mcp-server official code-search pull-requests issues copilot
⚙ Agent Friendliness
90
/ 100
Can an agent use this?
🔒 Security
96
/ 100
Is it safe for agents?
⚡ Reliability
92
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
90
Documentation
93
Error Messages
91
Auth Simplicity
85
Rate Limits
88

🔒 Security

TLS Enforcement
100
Auth Strength
94
Scope Granularity
97
Dep. Hygiene
92
Secret Handling
95

Fine-grained PATs, GitHub Apps, and OAuth provide layered security options. Secret scanning, advanced audit logs, and SAML SSO available. GitHub's security team is world-class.

⚡ Reliability

Uptime/SLA
98
Version Stability
92
Breaking Changes
88
Error Recovery
90
AF Security Reliability

Best When

An AI agent needs to read, write, or manage GitHub resources — issues, PRs, code, workflows — as part of a development or DevOps workflow.

Avoid When

You use GitLab, Bitbucket, or self-hosted Git — this is GitHub-specific.

Use Cases

  • Reading and creating GitHub issues and pull requests from agents
  • Searching code across repositories for context
  • Triggering and monitoring GitHub Actions workflows
  • Managing repository contents, branches, and commits
  • Reviewing and commenting on pull requests in agent loops

Not For

  • Private repos without appropriate token permissions
  • Real-time git operations (Git itself is faster for local ops)
  • Self-hosted GitLab or Bitbucket — GitHub only

Interface

REST API
Yes
GraphQL
Yes
gRPC
No
MCP Server
Yes
SDK
Yes
Webhooks
Yes
OpenAPI Spec ↗

Authentication

Methods: personal_access_token github_app oauth2
OAuth: Yes Scopes: Yes

PAT (classic or fine-grained) for simple setups. GitHub Apps provide fine-grained permissions per repository. Fine-grained PATs can scope to specific repos and specific operations. Excellent scope granularity.

Pricing

Model: freemium
Free tier: Yes
Requires CC: No

MCP server is open source and free. GitHub account required. Rate limits apply.

Agent Metadata

Pagination
cursor
Idempotent
Full
Retry Guidance
Documented

Known Gotchas

  • Fine-grained PATs have 90-day maximum expiration — agents must handle token refresh or rotation
  • Secondary rate limits (burst protection) kick in on rapid sequential writes — add backoff
  • GraphQL and REST APIs have different rate limit pools — track separately if using both
  • Code search API has separate, stricter rate limits (10 requests/minute unauthenticated, 30 authenticated)
  • File contents from API are base64-encoded — agents must decode before processing
  • Large file contents may be truncated — use Git Data API or raw URLs for full content

Alternatives

gitlab-mcp gitpython-api octokit-sdk

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for GitHub MCP Server.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

4643
Packages Evaluated
10313
Need Evaluation
173
Need Re-evaluation
Community Powered