When should you use this server
- Triage issues and pull requests, or generate daily summaries of repo activity
- Search code for API usage, functions, or configuration keys before making changes
- Automate repository housekeeping (e.g., create PRs, label issues) under guardrails
Key features
- Repository listing and metadata retrieval
- Issue and pull request querying and creation
- Code search across repositories or organizations
- Commit history inspection
Authentication
- Method: OAuth2 (hosted) or Personal Access Token (PAT) for local/self-hosted setups
- Scopes:
repo, read:org; optionally workflow and read:packages if needed
- Notes: Organization policies may restrict which methods are allowed
Endpoints
- Remote (hosted):
https://api.githubcopilot.com/mcp/
- Local (Docker image):
ghcr.io/github/github-mcp-server
Remote server is in Public Preview; access can be gated by OAuth/PAT policies and the “MCP servers in Copilot” org policy.
Setup & usage
VS Code (remote, OAuth)
{
"servers": {
"github": {
"type": "http",
"url": "https://api.githubcopilot.com/mcp/"
}
}
}
VS Code (Using a GitHub PAT)
{
"servers": {
"github": {
"type": "http",
"url": "https://api.githubcopilot.com/mcp/",
"headers": {
"Authorization": "Bearer ${input:github_mcp_pat}"
}
}
},
"inputs": [
{
"type": "promptString",
"id": "github_mcp_pat",
"description": "GitHub Personal Access Token",
"password": true
}
]
}
Install in other MCP hosts
Connect via Portkey MCP Gateway
Portkey MCP Gateway provides centralized access control, observability, and credential management for GitHub’s MCP server. Connect once, and all agents get managed GitHub access.
| Method | Use Case | Setup Complexity |
|---|
| OAuth (GitHub OAuth App) | Per-user authentication, user-specific repos/issues | Higher (requires GitHub OAuth App) |
| PAT (Personal Access Token) | Shared access, team repositories | Lower (header-based) |
Unlike MCP servers that support Dynamic Client Registration (DCR), GitHub requires creating an OAuth App and providing credentials to Portkey manually.
Method 1: OAuth with GitHub OAuth App
For per-user authentication where each user authorizes their own GitHub access and actions are attributed to individual users.
Step 1: Create a GitHub OAuth Application
- Go to GitHub → Settings → Developer settings → OAuth Apps
- Click New OAuth App
- Configure the application:
| Field | Value |
|---|
| Application name | Your app name (e.g., “Portkey MCP Gateway”) |
| Homepage URL | Your organization’s URL |
| Authorization callback URL | https://mcp.portkey.ai/oauth/upstream-callback |
- Click Register application
- Copy the Client ID
- Click Generate a new client secret and copy the Client Secret
Store the Client Secret securely—GitHub only shows it once.
Step 2: Add GitHub to Portkey MCP Registry
- Go to MCP Registry → Add MCP Integration
- Fill in the basic details:
| Field | Value |
|---|
| Name | GitHub |
| Slug | github |
| Server URL | https://api.githubcopilot.com/mcp/ |
| Auth Type | OAuth 2.1 |
- Expand Advanced Configuration and add:
{
"oauth_client_metadata": {
"client_id": "your_github_oauth_client_id",
"client_secret": "your_github_oauth_client_secret",
"redirect_uri": "https://mcp.portkey.ai/oauth/upstream-callback",
"scope": "repo read:org"
}
}
Add additional scopes like workflow and read:packages if your agents need to manage GitHub Actions or packages.
- Configure access control to specify which workspaces can use this server
- Save the integration
Step 3: Connect from Agent
With Portkey OAuth 2.1, agents connect without credentials in headers:
{
"mcpServers": {
"github": {
"url": "https://mcp.portkey.ai/github/mcp"
}
}
}
Method 2: Personal Access Token (PAT)
For shared access with simpler setup. All actions appear under a single GitHub account.
Step 1: Create a GitHub PAT
- Go to GitHub → Settings → Developer settings → Personal access tokens → Tokens (classic)
- Click Generate new token (classic)
- Give the token a descriptive name
- Select scopes:
repo — Full control of private repositoriesread:org — Read org membership- (Optional)
workflow — Update GitHub Action workflows
- (Optional)
read:packages — Read packages
- Click Generate token and copy it
Store the PAT securely—GitHub only shows it once. Consider using fine-grained tokens for more restrictive access.
Step 2: Add GitHub to Portkey MCP Registry
- Go to MCP Registry → Add MCP Integration
- Fill in the basic details:
| Field | Value |
|---|
| Name | GitHub |
| Slug | github |
| Server URL | https://api.githubcopilot.com/mcp/ |
| Auth Type | Custom |
- In Custom Headers, add a key-value pair:
| Key | Value |
|---|
Authorization | Bearer ghp_your_personal_access_token |
- Configure access control and save the integration
Step 3: Connect from Agent
{
"mcpServers": {
"github": {
"url": "https://mcp.portkey.ai/github/mcp",
"headers": {
"Authorization": "Bearer <PORTKEY_API_KEY>"
}
}
}
}
Choosing Between OAuth and PAT
| Consideration | OAuth | PAT |
|---|
| User attribution | ✅ Actions tied to individual GitHub users | ❌ All actions under PAT owner’s account |
| Repository access | Repos the user has authorized | Repos accessible to PAT owner |
| Token management | Portkey handles storage and refresh | Manual rotation required |
| Agent configuration | No credentials in agent config | Requires Portkey API key header |
| Setup complexity | Higher (OAuth App creation) | Lower (just generate PAT) |
| Best for | User-specific workflows, personal repos, audit trails | Team repos, CI/CD automation, shared resources |
cancel_workflow_run
Cancels a workflow run that is currently in progress. Useful for stopping jobs triggered by mistake, stuck runs, or unnecessary duplicate builds.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.run_id (number, required) — unique identifier of the workflow run.
delete_workflow_run_logs
Deletes all logs associated with a specific workflow run. Helpful for reclaiming storage space or removing outdated run data.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)
download_workflow_run_artifact
Downloads a single artifact generated by a workflow run (e.g., build output, test reports).
Arguments:
artifact_id (number, required) — unique identifier of the artifact.owner (string, required)repo (string, required)
get_job_logs
Retrieves logs for specific jobs within a workflow run. Supports filtering for only failed jobs, returning full content, or tailing the last N lines.
Arguments:
owner (string, required)repo (string, required)failed_only (boolean, optional) — when true, returns logs for all failed jobs in run_id.job_id (number, optional) — workflow job ID (for one job’s logs).run_id (number, optional) — workflow run ID (required with failed_only).return_content (boolean, optional) — whether to return log content instead of URLs.tail_lines (number, optional) — number of lines to return from the end of the log.
get_workflow_run
Retrieves detailed information about a specific workflow run, including status, event, branch, and timestamps.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)
get_workflow_run_logs
Returns the full logs for an entire workflow run, across all jobs.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)
get_workflow_run_usage
Shows resource usage statistics (billable minutes, operating system, runtime) for a given workflow run. Useful for tracking costs and optimizing pipelines.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)
list_workflow_jobs
Lists all jobs associated with a workflow run, including job names, statuses, and completion times.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)filter (string, optional) — filter by completed_at timestamp.page (number, optional) — page number (default 1).perPage (number, optional) — results per page (1–100).
list_workflow_run_artifacts
Lists all artifacts created during a workflow run, with IDs and metadata for later download.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)page (number, optional)perPage (number, optional)
list_workflow_runs
Lists past runs for a given workflow, with filters for branch, actor, event type, or status.
Arguments:
owner (string, required)repo (string, required)workflow_id (string, required) — workflow file name (e.g. ci.yml) or numeric ID.actor (string, optional) — filter runs by user.branch (string, optional) — filter by branch name.event (string, optional) — filter by event type.status (string, optional) — filter by check run status.page (number, optional)perPage (number, optional)
list_workflows
Lists all workflows defined in the repository (e.g., CI/CD, test, build pipelines).
Arguments:
owner (string, required)repo (string, required)page (number, optional)perPage (number, optional)
rerun_failed_jobs
Triggers a rerun for only the failed jobs in a workflow run, instead of rerunning everything.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)
rerun_workflow_run
Reruns the entire workflow run, including all jobs.
Arguments:
owner (string, required)repo (string, required)run_id (number, required)
run_workflow
Dispatches a new workflow run by reference (branch or tag). Supports passing custom workflow inputs.
Arguments:
-
owner (string, required)
-
repo (string, required)
-
workflow_id (string, required) — workflow ID or file name (e.g., ci.yml).
-
ref (string, required) — git ref (branch or tag).
-
inputs (object, optional) — inputs accepted by the workflow.
get_code_scanning_alert
Retrieves details of a single code scanning alert (e.g., CodeQL or third-party scanner findings) for a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.alertNumber (number, required) — unique identifier of the code scanning alert.
get_code_scanning_alert
Retrieves details of a single code scanning alert (e.g., CodeQL or third-party scanner findings) for a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.alertNumber (number, required) — unique identifier of the code scanning alert.
list_code_scanning_alerts
Lists all code scanning alerts for a repository. Supports filtering by branch, severity, state, or scanning tool.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.ref (string, optional) — git ref to filter results.severity (string, optional) — filter by severity.state (string, optional) — filter by state (defaults to open).tool_name (string, optional) — filter by scanner/tool name.
get_me
Fetches the authenticated user’s GitHub profile information (login, name, email, etc.).
Arguments:
None
get_team_members
Retrieves all members of a specific GitHub team within an organization.
Arguments:
org (string, required) — organization login.team_slug (string, required) — team slug.
get_teams
Lists teams associated with a user (or the authenticated user if no username is provided).
Arguments:
user (string, optional) — GitHub username.
get_dependabot_alert
Retrieves details about a single Dependabot security alert for a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.alertNumber (number, required) — unique identifier of the Dependabot alert.
list_dependabot_alerts
Lists all Dependabot alerts for a repository, with filters for severity and state.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.severity (string, optional) — filter by severity.state (string, optional, default=open) — filter by alert state.
get_discussion
Retrieves the details of a specific GitHub Discussion (title, body, author, category, comments count).
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.discussionNumber (number, required) — unique identifier of the discussion.
Gets comments from a specific GitHub Discussion, with pagination support.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.discussionNumber (number, required) — unique identifier of the discussion.perPage (number, optional, min 1, max 100) — number of comments per page.after (string, optional) — cursor for pagination.
list_discussion_categories
Lists all available categories for discussions in a repository or across an organization.
Arguments:
owner (string, required) — repository owner or organization.repo (string, optional) — repository name; if omitted, queries at the organization level.
list_discussions
Lists discussions for a repository or organization, with filters for category, sorting, and pagination.
Arguments:
owner (string, required) — repository owner or organization.repo (string, optional) — repository name.category (string, optional) — discussion category ID.orderBy (string, optional) — field to order by.direction (string, optional) — ascending/descending order.perPage (number, optional) — number of results per page.after (string, optional) — pagination cursor.
create_gist
Creates a new GitHub Gist (single file, with optional description and visibility).
Arguments:
filename (string, required) — file name.content (string, required) — file content.description (string, optional) — gist description.public (boolean, optional) — visibility of the gist.
list_gists
Lists Gists for a user (or the authenticated user if username is not provided). Supports pagination and date filters.
Arguments:
username (string, optional) — GitHub username.since (string, optional, ISO 8601) — updated after date.page (number, optional) — page number.perPage (number, optional) — results per page.
update_gist
Updates an existing Gist’s content, description, or adds a file.
Arguments:
gist_id (string, required) — unique identifier of the gist.filename (string, required) — file name.content (string, required) — file content.description (string, optional) — gist description.
Adds a new comment to an issue.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — issue number.body (string, required) — comment body.
add_sub_issue
Attaches an existing issue as a sub-issue of another parent issue.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — parent issue number.sub_issue_id (number, required) — ID of the sub-issue.replace_parent (boolean, optional) — replace current parent if already assigned.
assign_copilot_to_issue
Assigns GitHub Copilot to a specific issue, so AI can draft solutions or manage tasks.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issueNumber (number, required) — issue number.
create_issue
Opens a new GitHub issue. Supports assigning users, adding labels, milestones, and custom issue types.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.title (string, required) — issue title.body (string, optional) — issue body.assignees (string[], optional) — list of assignees.labels (string[], optional) — list of labels.milestone (number, optional) — milestone number.type (string, optional) — custom issue type.
get_issue
Retrieves details of a specific issue, including title, body, labels, state, and assignees.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — issue number.
Lists comments on a specific issue.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — issue number.page (number, optional) — page number.perPage (number, optional) — results per page.
list_issue_types
Lists all available issue types for a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.
list_issues
Lists issues in a repository with filters for labels, state, dates, sorting, and pagination.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.labels (string[], optional) — filter by labels.state (string, optional) — filter by issue state.since (string, optional) — ISO 8601 timestamp to filter updated issues.orderBy (string, optional) — field to order by.direction (string, optional) — sort direction.perPage (number, optional) — results per page.after (string, optional) — pagination cursor.
list_sub_issues
Lists all sub-issues attached to a parent issue.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — parent issue number.page (number, optional) — page number.per_page (number, optional) — results per page.
remove_sub_issue
Removes a sub-issue from its parent issue.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — parent issue number.sub_issue_id (number, required) — ID of the sub-issue to remove.
reprioritize_sub_issue
Changes the order of sub-issues within a parent issue by moving one before or after another.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — parent issue number.sub_issue_id (number, required) — sub-issue to move.before_id (number, optional) — move before this sub-issue.after_id (number, optional) — move after this sub-issue.
search_issues
Searches for issues across GitHub or within a repository using GitHub’s issue search syntax.
Arguments:
query (string, required) — search string.owner (string, optional) — restrict search to a repo owner.repo (string, optional) — restrict search to a specific repo.sort (string, optional) — field to sort by.order (string, optional) — sort direction (asc/desc).page (number, optional) — page number.perPage (number, optional) — results per page.
update_issue
Edits an existing issue, allowing updates to the title, body, labels, assignees, milestone, state, or type.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.issue_number (number, required) — issue number.title (string, optional) — new issue title.body (string, optional) — new issue body.labels (string[], optional) — list of labels.assignees (string[], optional) — list of assignees.milestone (number, optional) — milestone number.state (string, optional) — issue state.type (string, optional) — custom issue type.type (string, optional)
get_code_scanning_alert
Retrieves details of a single code scanning alert (e.g., CodeQL or third-party scanner findings) for a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.alertNumber (number, required) — unique identifier of the code scanning alert.
list_code_scanning_alerts
Lists code scanning alerts for a repository. Supports filtering by severity, state, tool name, or git reference.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.ref (string, optional) — git reference for the results.severity (string, optional) — filter by severity.state (string, optional) — filter by state (defaults to open).tool_name (string, optional) — filter by scanning tool name.
get_me
Returns the profile information of the authenticated user.
Arguments:
None
get_team_members
Lists all members of a team within an organization.
Arguments:
org (string, required) — organization login.team_slug (string, required) — team slug.
get_teams
Lists teams for a given user (or the authenticated user if no username is specified).
Arguments:
user (string, optional) — GitHub username.
get_dependabot_alert
Retrieves details of a single Dependabot security alert for a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.alertNumber (number, required) — unique identifier of the Dependabot alert.
list_dependabot_alerts
Lists Dependabot alerts for a repository. Can be filtered by severity and state.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.severity (string, optional) — filter by severity.state (string, optional) — filter by state (defaults to open).
get_discussion
Retrieves details of a single GitHub Discussion, including title, body, author, and metadata.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.discussionNumber (number, required) — discussion number.
Lists comments in a GitHub Discussion, with optional pagination.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.discussionNumber (number, required) — discussion number.perPage (number, optional) — results per page (min 1, max 100).after (string, optional) — cursor for pagination.
list_discussion_categories
Lists available discussion categories in a repository (or across an organization if no repo is specified).
Arguments:
owner (string, required) — repository owner.repo (string, optional) — repository name.
list_discussions
Lists discussions for a repository or organization. Supports filtering by category, sorting, and pagination.
Arguments:
owner (string, required) — repository owner.repo (string, optional) — repository name.category (string, optional) — filter by discussion category ID.orderBy (string, optional) — field to order by.direction (string, optional) — order direction.perPage (number, optional) — results per page (min 1, max 100).after (string, optional) — cursor for pagination.
dismiss_notification
Marks a specific notification thread as dismissed, updating its state to read or done.
Arguments:
threadID (string, required) — ID of the notification thread.state (string, optional) — new state of the notification (read or done).
get_notification_details
Retrieves full details for a specific notification, including subject type (issue, PR, discussion), repository, and updated time.
Arguments:
notificationID (string, required) — ID of the notification.
list_notifications
Lists notifications for the authenticated user. Supports filtering by repository, read state, and time window.
Arguments:
owner (string, optional) — repository owner; when provided with repo, limits results.repo (string, optional) — repository name; requires owner.filter (string, optional) — filter type (all, read, unread, participating).since (string, optional) — only show notifications updated after this time (ISO 8601).before (string, optional) — only show notifications updated before this time (ISO 8601).page (number, optional) — page number for pagination (min 1).perPage (number, optional) — results per page (min 1, max 100).
manage_notification_subscription
Manages a user’s subscription for a single notification thread (e.g., ignore updates, resume watching, or delete).
Arguments:
notificationID (string, required) — ID of the notification thread.action (string, required) — action to perform (ignore, watch, delete).
manage_repository_notification_subscription
Manages a user’s subscription settings for all notifications in a repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.action (string, required) — action to perform (ignore, watch, delete).
mark_all_notifications_read
Marks all notifications as read, either globally or scoped to a specific repository.
Arguments:
lastReadAt (string, optional) — timestamp of the last read time (ISO 8601). Defaults to now.owner (string, optional) — repository owner; if provided with repo, limits scope.repo (string, optional) — repository name; requires owner.
search_orgs
Searches for GitHub organizations by name, location, or creation date. Results can be sorted and paginated.
Arguments:
query (string, required) — search string (e.g., “microsoft”, “location:california”, “created:>=2025-01-01”).order (string, optional) — sort order (asc or desc).sort (string, optional) — sort field by category.page (number, optional) — page number for pagination (min 1).perPage (number, optional) — results per page (min 1, max 100).
Adds a comment to the requester’s latest pending pull request review, targeted to a file, line, or range.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.pullNumber (number, required) — pull request number.body (string, required) — review comment text.path (string, required) — relative file path in the PR diff.subjectType (string, required) — target level (file, line, etc.).line (number, optional) — single line in the diff.side (string, optional) — side of the diff (LEFT or RIGHT).startLine (number, optional) — starting line for multi-line comments.startSide (string, optional) — starting side of the diff (LEFT or RIGHT).
create_and_submit_pull_request_review
Creates and immediately submits a pull request review, without additional comments.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)body (string, required) — review body text.event (string, required) — review action (APPROVE, REQUEST_CHANGES, COMMENT).commitID (string, optional) — SHA of the commit under review.
create_pending_pull_request_review
Creates a pending pull request review that can later have comments added before submission.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)commitID (string, optional) — SHA of the commit under review.
create_pull_request
Opens a new pull request from one branch (head) into another (base).
Arguments:
owner (string, required)repo (string, required)title (string, required) — PR title.base (string, required) — branch to merge into.head (string, required) — branch with proposed changes.body (string, optional) — PR description.draft (boolean, optional) — create as draft PR.maintainer_can_modify (boolean, optional) — allow maintainers to edit the PR.
delete_pending_pull_request_review
Deletes the requester’s latest pending pull request review (not yet submitted).
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
get_pull_request
Retrieves details about a specific pull request (title, body, state, mergeability, branches).
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
Lists review comments on a specific pull request.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
get_pull_request_diff
Retrieves the unified diff for a pull request.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
get_pull_request_files
Lists the files changed in a pull request, with pagination.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)page (number, optional)perPage (number, optional)
get_pull_request_reviews
Lists all reviews submitted on a pull request (including approvals and change requests).
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
get_pull_request_status
Retrieves the status checks for a pull request (CI/CD, lint, tests).
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
list_pull_requests
Lists pull requests in a repository, with filters for state, branch, and sorting.
Arguments:
owner (string, required)repo (string, required)state (string, optional) — PR state (open, closed, all).base (string, optional) — filter by base branch.head (string, optional) — filter by head branch or user.sort (string, optional) — sort field.direction (string, optional) — sort direction.page (number, optional)perPage (number, optional)
merge_pull_request
Merges a pull request using the chosen merge method (merge commit, squash, or rebase).
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)commit_title (string, optional) — custom merge commit title.commit_message (string, optional) — custom merge commit body.merge_method (string, optional) — merge type (merge, squash, rebase).
request_copilot_review
Requests a review of a pull request from GitHub Copilot.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)
search_pull_requests
Searches pull requests across GitHub or within a repository using search syntax.
Arguments:
query (string, required) — search query.owner (string, optional) — filter by repo owner.repo (string, optional) — filter by repository name.sort (string, optional) — sort field.order (string, optional) — sort order.page (number, optional)perPage (number, optional)
submit_pending_pull_request_review
Submits the requester’s latest pending pull request review, optionally adding a comment body.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)event (string, required) — action (APPROVE, REQUEST_CHANGES, COMMENT).body (string, optional) — optional text to include.
update_pull_request
Updates an existing pull request’s details (title, description, reviewers, branch).
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)title (string, optional)body (string, optional)state (string, optional) — open/closed.base (string, optional) — new base branch.draft (boolean, optional) — mark as draft or ready for review.maintainer_can_modify (boolean, optional)reviewers (string[], optional) — users to request reviews from.
update_pull_request_branch
Updates the pull request branch by merging in the latest changes from the base branch.
Arguments:
owner (string, required)repo (string, required)pullNumber (number, required)expectedHeadSha (string, optional) — SHA of the current PR head to ensure consistency.
create_branch
Creates a new branch in a repository from an existing branch (defaults to the repo’s default branch if not specified).
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.branch (string, required) — name for the new branch.from_branch (string, optional) — source branch (defaults to repo default).
create_or_update_file
Creates a new file or updates an existing file in a repository, committing the change to the specified branch.
Arguments:
owner (string, required) — repository owner (user or org).repo (string, required) — repository name.branch (string, required) — branch where the file will be created/updated.path (string, required) — file path in the repo.content (string, required) — file content (base64-encoded).message (string, required) — commit message.sha (string, optional) — required if updating; the blob SHA of the file being replaced.
create_repository
Creates a new repository, either under the authenticated user’s account or within an organization.
Arguments:
name (string, required) — repository name.description (string, optional) — repo description.organization (string, optional) — org to create in; omit for personal account.private (boolean, optional) — whether the repo is private.autoInit (boolean, optional) — initialize with README.
delete_file
Deletes a file from a repository on a specific branch.
Arguments:
owner (string, required) — repository owner (user or org).repo (string, required) — repository name.branch (string, required) — branch from which to delete the file.path (string, required) — path to the file.message (string, required) — commit message.
fork_repository
Forks a repository into the authenticated user’s account or into an organization.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.organization (string, optional) — org to fork into.
get_commit
Retrieves details of a commit, optionally including file diffs and stats.
Arguments:
owner (string, required)repo (string, required)sha (string, required) — commit SHA, branch name, or tag name.include_diff (boolean, optional) — include diffs and stats (default: true).page (number, optional)perPage (number, optional)
get_file_contents
Fetches the contents of a file or directory at a given path.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.path (string, optional) — path to file or directory (dirs must end with /).ref (string, optional) — git ref (branch, tag, or PR head).sha (string, optional) — specific commit SHA (overrides ref).
get_latest_release
Retrieves metadata about the latest published release in a repository.
Arguments:
owner (string, required)repo (string, required)
get_release_by_tag
Gets details for a release by its tag name.
Arguments:
owner (string, required)repo (string, required)tag (string, required) — tag name (e.g., v1.0.0).
get_tag
Retrieves metadata about a tag in a repository.
Arguments:
owner (string, required)repo (string, required)tag (string, required) — tag name.
list_branches
Lists branches in a repository, with pagination support.
Arguments:
owner (string, required)repo (string, required)page (number, optional)perPage (number, optional)
list_commits
Lists commits for a repository, optionally filtered by author, branch, or SHA.
Arguments:
owner (string, required)repo (string, required)author (string, optional) — filter by author username or email.sha (string, optional) — branch, tag, or commit SHA.page (number, optional)perPage (number, optional)
list_releases
Lists all releases published in a repository.
Arguments:
owner (string, required)repo (string, required)page (number, optional)perPage (number, optional)
Lists tags in a repository, with pagination.
Arguments:
owner (string, required)repo (string, required)page (number, optional)perPage (number, optional)
push_files
Pushes multiple files to a branch in a repository in a single commit.
Arguments:
owner (string, required)repo (string, required)branch (string, required) — target branch.files (object[], required) — array of (path, content) objects.message (string, required) — commit message.
search_code
Searches code across GitHub or within a repository using advanced search syntax.
Arguments:
query (string, required) — search query (supports filters like language:, repo:, path:).order (string, optional) — sort order (asc, desc).sort (string, optional) — sort field (indexed).page (number, optional)perPage (number, optional)
search_repositories
Searches repositories by name, topic, stars, or language. Returns minimal metadata by default.
Arguments:
query (string, required) — repo search string (e.g., “topic:react”, “stars:>1000 language:python”).minimal_output (boolean, optional) — return minimal output (default: true).page (number, optional)perPage (number, optional)
get_secret_scanning_alert
Retrieves details of a single secret scanning alert for a repository. Useful for investigating exposed credentials or tokens flagged by GitHub’s security scans.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.alertNumber (number, required) — unique identifier of the secret scanning alert.
list_secret_scanning_alerts
Lists all secret scanning alerts for a repository. Supports filtering by state, resolution, or secret type.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.state (string, optional) — filter by state (e.g., open, resolved).resolution (string, optional) — filter by resolution (e.g., revoked, false_positive).secret_type (string, optional) — comma-separated list of secret types to return.
get_global_security_advisory
Retrieves a single global GitHub Security Advisory by its GHSA ID. Advisories describe vulnerabilities across ecosystems, with CVEs, severity, and remediation info.
Arguments:
ghsaId (string, required) — advisory ID (format: GHSA-xxxx-xxxx-xxxx).
list_global_security_advisories
Lists all global GitHub Security Advisories, with filters for ecosystem, severity, CVE ID, CWE IDs, or publish/update dates.
Arguments:
affects (string, optional) — filter by affected package or version (e.g., “package1,package2@1.0.0”).cveId (string, optional) — filter by CVE ID.cwes (string[], optional) — filter by CWE IDs (e.g., [“79”, “284”, “22”]).ecosystem (string, optional) — filter by package ecosystem (npm, Maven, etc.).ghsaId (string, optional) — filter by advisory ID.isWithdrawn (boolean, optional) — only return withdrawn advisories.modified (string, optional) — filter by publish or update date/range (ISO 8601).published (string, optional) — filter by publish date/range (ISO 8601).updated (string, optional) — filter by update date/range (ISO 8601).severity (string, optional) — filter by severity (low, medium, high, critical).type (string, optional) — filter by advisory type.
list_org_repository_security_advisories
Lists security advisories published across repositories in a specific organization.
Arguments:
org (string, required) — organization login.state (string, optional) — filter by advisory state (draft, published, closed).sort (string, optional) — sort field.direction (string, optional) — sort direction (asc or desc).
list_repository_security_advisories
Lists security advisories created for a single repository.
Arguments:
owner (string, required) — repository owner.repo (string, required) — repository name.state (string, optional) — filter by advisory state.sort (string, optional) — sort field.direction (string, optional) — sort direction.
search_users
Searches GitHub users by name, location, followers, or other attributes. Supports advanced filters and pagination.
Arguments:
query (string, required) — search query (e.g., “john smith”, “location:seattle”, “followers:>100”).sort (string, optional) — sort users by followers, repositories, or join date.order (string, optional) — sort order (asc or desc).page (number, optional) — page number (min 1).perPage * (number, optional)* — results per page (min 1, max 100).
Prerequisites
- A compatible MCP host with remote server support
