gh-mcp

`gh-mcp` is a GitHub CLI extension that launches the `github-mcp-server` bundled binary as an MCP server, using the user’s existing `gh` authentication instead of requiring manual GitHub PAT setup. It verifies the bundled server archive via a pinned SHA256, extracts it for the current platform, and starts the server while passing credentials and configuration through environment variables.

Evaluated Mar 30, 2026 (21d ago)
Tags: DevTools, ai-ml, mcp, github, authentication, cli-tool, developer-tools, security, supply-chain-integrity

  • ⚙ Agent Friendliness: 65 / 100 (Can an agent use this?)
  • 🔒 Security: 67 / 100 (Is it safe for agents?)
  • ⚡ Reliability: 32 / 100 (Does it work consistently?)

Score Breakdown

⚙ Agent Friendliness

  • MCP Quality: 78
  • Documentation: 82
  • Error Messages: --
  • Auth Simplicity: 85
  • Rate Limits: 10

🔒 Security

  • TLS Enforcement: 75
  • Auth Strength: 70
  • Scope Granularity: 55
  • Dep. Hygiene: 45
  • Secret Handling: 85

Strengths: bundled archive integrity verification via pinned SHA256; troubleshooting calls out insecure cache directory permissions; README states the GitHub token is never stored by the extension and credentials are passed to the server process via environment variables; temp extracted binary is removed after exit.

Concerns/uncertainties: scope granularity is limited to toolsets/read-only and dynamic discovery flags (not explicit OAuth scopes); dependency/CVE hygiene is not assessable from provided content; TLS enforcement for network calls to GitHub is not described (assumed via `gh`/server defaults).

⚡ Reliability

  • Uptime/SLA: 0
  • Version Stability: 45
  • Breaking Changes: 30
  • Error Recovery: 55

Best When

You already use `gh auth login` and want an agent/MCP client to interact with GitHub via the official `github-mcp-server` without handling PATs manually.

Avoid When

You run `gh mcp` from an untrusted wrapper process (due to explicit note about proxy/certificate variable forwarding) or you cannot control the forwarded `GITHUB_*` environment values safely.

Use Cases

  • Run GitHub-backed MCP tools (e.g., repos/issues/PR-related) from any MCP client (Claude Code, etc.) using existing `gh auth`
  • Avoid manual GitHub PAT creation for MCP workflows
  • Provide read-only or limited toolset MCP access to reduce risk from agent-driven operations

Not For

  • Producing an HTTP/REST API for GitHub data directly (this is an MCP server wrapper, not a web API)
  • Platforms where the bundled `github-mcp-server` archive for the OS/architecture is not available
  • Environments where forwarding environment variables (including proxy/cert settings) from an untrusted wrapper process is unacceptable

Interface

  • REST API: No
  • GraphQL: No
  • gRPC: No
  • MCP Server: Yes
  • SDK: No
  • Webhooks: No

Authentication

Methods:

  • Uses existing `gh` CLI authentication; launches bundled `github-mcp-server` with credentials derived from `gh` session/auth config
  • Environment-variable configuration for server behavior (e.g., toolsets, read-only)

OAuth: No
Scopes: No

No OAuth flow is described for this extension itself; it relies on whatever `gh` authentication mode the user has configured (e.g., PAT stored/managed by `gh`) and passes credentials to the child MCP server via environment variables.

Pricing

Free tier: No
Requires CC: No

No pricing information is provided in the README.

Agent Metadata

  • Pagination: none
  • Idempotent: False
  • Retry Guidance: Not documented

Known Gotchas

  • If running `gh mcp` from an untrusted wrapper process, proxy/certificate variables may be forwarded (per trust model note).
  • Unsupported OS/architecture will fail due to missing bundled archive.
  • Misconfigured `GITHUB_*` environment values (e.g., containing line breaks or NUL bytes) can break the forwarded environment.
  • Credential availability depends on `gh` being logged in and a default host being configured.


Scores are editorial opinions as of 2026-03-30.
