GitHub MCP Server (Official)

GitHub's official MCP server — gives AI agents direct access to GitHub repositories, issues, pull requests, code search, and Actions via the Model Context Protocol.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Repo ↗ Developer Tools github mcp git code-review issues pull-requests official
⚙ Agent Friendliness
90
/ 100
Can an agent use this?
🔒 Security
92
/ 100
Is it safe for agents?
⚡ Reliability
88
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
92
Documentation
92
Error Messages
88
Auth Simplicity
85
Rate Limits
88

🔒 Security

TLS Enforcement
100
Auth Strength
90
Scope Granularity
92
Dep. Hygiene
90
Secret Handling
88

Fine-grained PATs with repository and permission scoping. GitHub App installations provide org-level permission management. MIT licensed, official GitHub-maintained. TLS enforced for all API and MCP transport. Token never committed — environment variable only.

⚡ Reliability

Uptime/SLA
92
Version Stability
88
Breaking Changes
85
Error Recovery
88
AF Security Reliability

Best When

Your agent needs to interact with GitHub repositories — read code, create PRs, manage issues — without building custom GitHub API integration.

Avoid When

You're on GitLab or Bitbucket, or need Git operations beyond what the GitHub REST API supports.

Use Cases

  • Agents reading and writing code in GitHub repositories
  • Automating code review — agent reads PR diff and adds inline comments
  • Creating and managing GitHub Issues and Pull Requests from agent workflows
  • Searching code across repositories using GitHub's code search
  • Triggering and monitoring GitHub Actions workflows from agents

Not For

  • GitLab or Bitbucket repositories (GitHub-specific MCP server)
  • Bulk repository operations requiring raw Git protocol access
  • Teams not using GitHub as their primary VCS

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
Yes
SDK
No
Webhooks
No

Authentication

Methods: bearer_token
OAuth: Yes Scopes: Yes

GitHub Personal Access Token (PAT) or GitHub App installation token. Fine-grained PATs recommended for least-privilege. Scopes map to GitHub API permissions (repo, issues, pull_requests, actions, etc.).

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

The MCP server itself is MIT licensed and free. GitHub API rate limits apply based on your GitHub plan.

Agent Metadata

Pagination
cursor
Idempotent
Partial
Retry Guidance
Documented

Known Gotchas

  • Fine-grained PATs must specify repository access explicitly — easy to miss repo permissions
  • GitHub search API has a separate 30 req/minute rate limit from the general 5K/hour
  • Creating duplicate PRs or issues if agents retry without checking for existing ones
  • Repository contents are base64-encoded — agents must decode file content after reading
  • GitHub Actions secrets cannot be read via API (only set) — don't try to retrieve secrets

Alternatives

github-rest-api gitlab-api gitlabci-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for GitHub MCP Server (Official).

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5177
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered