Description
GitHub MCP server provides a bridge between Claude and the GitHub API, enabling AI assistants to interact with GitHub repositories. Built with TypeScript and Octokit, it offers tools for searching repositories, retrieving repository information, listing issues, and creating new issues. The server also includes prompt handlers that generate formatted content for issue descriptions, pull request descriptions, and search queries. This implementation is particularly useful for developers who want to manage their GitHub projects directly through AI conversations, streamlining workflows for issue tracking and repository exploration.
Installation
git clone https://github.com/alsonwangkhem/github-mcp-2Claude Desktop Configuration
Add this configuration to your Claude Desktop config file to enable this MCP server:
Config file location: ~/Library/Application Support/Claude/claude_desktop_config.json
Config file location: %APPDATA%\Claude\claude_desktop_config.json
Config file location: ~/.config/Claude/claude_desktop_config.json
{
"mcpServers": {
"github": {
"command": "node",
"args": [
"path/to/server.js"
]
}
}
}Security Audit
| Dimension | Result | Details |
|---|---|---|
| Transport Security | Stdio (Local) | Stdio is local-only process communication. SSE/HTTP exposes network attack surface. |
| Authentication | OAuth2 | Scoped tokens with expiration and refresh capabilities. |
| Token Lifecycle | Short-lived (Refresh) | Short-lived tokens limit exposure window if compromised. Long-lived tokens require secure rotation policies. |
| Input Handling | Parameterized (Safe) | Parameterized inputs prevent injection attacks. Shell strings enable command injection vectors. |
| Data Residency | Cloud | Local-only data never leaves your machine. Cloud residency means data flows through third-party APIs. |