GitHub REST API

GitHub's comprehensive REST API for programmatic access to repositories, pull requests, issues, actions, code search, and all GitHub platform features.

Evaluated Mar 06, 2026 (0d ago) vcurrent
Homepage ↗ Developer Tools github git rest-api repositories pull-requests issues oauth webhooks
⚙ Agent Friendliness
77
/ 100
Can an agent use this?
🔒 Security
91
/ 100
Is it safe for agents?
⚡ Reliability
89
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
--
Documentation
92
Error Messages
88
Auth Simplicity
82
Rate Limits
85

🔒 Security

TLS Enforcement
100
Auth Strength
88
Scope Granularity
90
Dep. Hygiene
92
Secret Handling
85

Fine-grained PATs with per-repo, per-permission scopes. GitHub Apps for org-level access. SOC2, ISO27001, FedRAMP Moderate. Token scanning and secret alerts. Same security as github-mcp-server — direct REST API alternative.

⚡ Reliability

Uptime/SLA
92
Version Stability
90
Breaking Changes
88
Error Recovery
85
AF Security Reliability

Best When

You need broad GitHub platform integration beyond code search - issues, PRs, Actions, repos, teams, and org management from agents.

Avoid When

You only need code search (GraphQL API is better) or you're already using the MCP server for simpler integration.

Use Cases

  • Automating PR review workflows and code quality checks
  • Creating issues, comments, and labels from agent workflows
  • Fetching repository metadata and code for analysis
  • Managing GitHub Actions workflow triggers and status checks
  • Building code search and dependency analysis tools

Not For

  • Direct Git operations (use Git protocol or libgit2 instead)
  • GitHub Enterprise Server with very old API versions
  • GraphQL-preferred use cases (GitHub also has a GraphQL API)

Interface

REST API
Yes
GraphQL
No
gRPC
No
MCP Server
No
SDK
Yes
Webhooks
Yes
OpenAPI Spec ↗

Authentication

Methods: api_key oauth2
OAuth: Yes Scopes: Yes

Personal Access Tokens (classic or fine-grained) for direct agent use. OAuth apps for user-context auth. GitHub Apps for installation-scoped permissions. Fine-grained PATs are recommended for agents with minimum necessary permissions.

Pricing

Model: freemium
Free tier: Yes
Requires CC: No

API itself is free. Rate limits are generous for authenticated use. GitHub Apps get 5,000 requests/hour per installation. Enterprise increases limits further.

Agent Metadata

Pagination
cursor
Idempotent
Partial
Retry Guidance
Documented

Known Gotchas

  • Secondary rate limits (abuse detection) can trigger even under primary rate limit - watch for 403 with secondary_rate_limit message
  • Fine-grained PATs have expiry dates - agents need token rotation strategy
  • GitHub Apps have higher rate limits than PATs but require installation flow - more complex to set up
  • Large file contents are base64 encoded - agents must decode; files >1MB require Git Data API or raw download
  • Webhook events have different payload schemas per event type - agents must handle multiple schemas

Alternatives

github-mcp-server gitlab-api

Full Evaluation Report

Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for GitHub REST API.

AI-powered analysis · PDF + markdown · Delivered within 30 minutes

$99

Package Brief

Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.

Delivered within 10 minutes

$3

Score Monitoring

Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.

Continuous monitoring

$3/mo
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5229
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered