At a glance: GitHub’s official MCP server (github/github-mcp-server — ~54k stars, Go) reached v1.0.0 on April 16, 2026 and has continued shipping rapidly since — including Secret Scanning GA (May 5, 2026) and a new list_org_issue_fields tool. It’s the most adopted developer-tool MCP server in existence, providing AI agents full access to GitHub’s platform across 21 toolsets covering repos, issues, pull requests, Actions, code security, discussions, projects, and more. Available as a remote server (hosted by GitHub at api.githubcopilot.com/mcp/), via Docker, or built from source. GitHub Agent Mode with MCP support has rolled out to all VS Code users as of May 2026, and the GitHub MCP Registry lets users install MCP servers directly within VS Code. MCP Apps (interactive UI in agent chat) continue maturing via the remote_mcp_ui_apps feature flag. The ecosystem also includes GitMCP (8.1k stars) for turning any GitHub repo into a documentation hub, cyanheads/git-mcp-server (v2.1.5 security patch, 28 tools) for local Git operations, and the reference Git MCP server from the MCP project itself.
GitHub is the world’s largest software development platform — with 180M+ developers, 4M+ organizations, and 420M+ repositories as of 2026. A subsidiary of Microsoft since the $7.5B acquisition in 2018, GitHub generates $2B+ ARR with over 6,100 employees. GitHub Copilot, its AI coding assistant, drives over 40% of the platform’s revenue growth. While GitHub is not a formal member of the Agentic AI Foundation (AAIF), it actively contributes to the MCP ecosystem — the MCP Registry was developed with contributions from GitHub, and the company published a blog post supporting MCP’s move to the Linux Foundation.
Architecture note: The GitHub MCP ecosystem has a clear hierarchy: GitHub’s official server dominates for platform operations, while separate community servers handle local Git operations and documentation access. This is the first review in our Developer Tools MCP category.
Category: Developer Tools
What’s Available
GitHub MCP Server — github/github-mcp-server (Official)
The definitive GitHub MCP server, maintained by GitHub itself:
| Aspect | Detail |
|---|---|
| GitHub | github/github-mcp-server — ~54k stars, 4k+ forks |
| Language | Go |
| Latest release | v1.0.0+ (v1.0.0 April 16; Secret Scanning GA May 5, 2026) |
| Transport | Remote (hosted by GitHub), Streamable HTTP, Docker, binary from source |
| License | MIT |
| Created | April 2025 (public preview) |
21 toolsets organized by function:
| Toolset | What it covers |
|---|---|
repos | Browse code, search files, analyze commits, create/fork repositories |
issues | Create, update, and manage issues with AI-assisted triage |
pull_requests | Create, review, merge PRs with code review capabilities |
actions | Monitor GitHub Actions workflows, analyze build failures |
code_security | Review Code Scanning findings, examine vulnerability patterns |
secret_protection | Secret scanning alerts and management |
dependabot | Dependabot alert management |
discussions | GitHub Discussions interaction |
projects | GitHub Projects board management |
git | Low-level Git API operations |
labels | Label management across repos |
notifications | GitHub notification handling |
orgs | Organization management tools |
users | User profile and team information |
stargazers | Repository star tracking |
gists | GitHub Gist operations |
security_advisories | Security advisory management |
copilot | Copilot-specific tools (assign to issues, request reviews) |
copilot_spaces | Copilot Spaces functionality (remote only) |
github_support_docs_search | GitHub product documentation search (remote only) |
all | Enable everything |
Default toolsets: repos, issues, pull_requests, users, and context are enabled automatically. Additional toolsets can be enabled via --toolsets flag or individual tools via --tools flag.
Key tools include: get_file_contents, create_or_update_file, push_files, search_code, search_repositories, create_pull_request, list_pull_requests, merge_pull_request, issue_read, issue_write, list_commits, create_branch, list_branches, get_latest_release, and more.
Key differentiator: The only MCP server with first-party GitHub API access — including remote hosting at GitHub’s infrastructure (no API key management needed with OAuth), Copilot integration, code security scanning, and full Actions/CI/CD visibility. The tool consolidation approach (e.g., issue_read and issue_write as unified multi-operation tools) keeps the tool count manageable while covering extensive functionality.
Timeline:
- April 4, 2025 — Public preview launched
- June 12, 2025 — Remote server public preview
- September 4, 2025 — Remote server GA
- October 14, 2025 — GitHub Projects support added
- December 10, 2025 — Tool-specific configuration
- January 28, 2026 — OAuth scope filtering, new Projects tools
- March 6, 2026 — v0.32.0, context optimization,
get_check_runstool - April 14, 2026 — v0.33.0,
resolve_review_threads, enhancedlist_commitswithpath/since/untilparameters, OSS granular toolsets - April 16, 2026 — v1.0.0,
set_issue_fieldstool, MCP Apps migrated to feature flag, MCP SDK v1.5.0, Insiders Mode for experimental features - May 5, 2026 — Secret Scanning with GitHub MCP Server now generally available
- May 2026 —
list_org_issue_fieldstool added; granular issue field values tool; GitHub Agent Mode with MCP support rolled out to all VS Code users; GitHub MCP Registry (install MCP servers directly in VS Code)
GitMCP — idosal/git-mcp
A documentation-focused MCP server that turns any GitHub repository into an AI-accessible knowledge base:
| Aspect | Detail |
|---|---|
| GitHub | idosal/git-mcp — 8.1k stars |
| Language | TypeScript |
| Transport | Remote (cloud-hosted at gitmcp.io) |
| License | Apache 2.0 |
4 MCP tools:
| Tool | What it does |
|---|---|
fetch_<repo>_documentation | Retrieves primary project documentation |
search_<repo>_documentation | Intelligent documentation search |
fetch_url_content | Extracts content from external documentation links |
search_<repo>_code | GitHub code search integration |
Key differentiator: Zero setup — replace github.com with gitmcp.io in any repo URL and you have an MCP server for that project’s documentation. No installation, no API keys, no configuration. Designed to eliminate code hallucinations by giving AI agents access to current, accurate documentation. Free, open-source, and self-hostable with no data collection.
git-mcp-server — cyanheads/git-mcp-server
The most comprehensive local Git operations server:
| Aspect | Detail |
|---|---|
| GitHub | cyanheads/git-mcp-server — Apache 2.0 |
| Language | TypeScript (Bun/Node.js) |
| Latest version | v2.10.5+ (security patch released addressing command injection vulnerability) |
| Transport | stdio + HTTP |
28 MCP tools across 7 categories:
| Category | Tools |
|---|---|
| Repository management | init, clone, status, clean |
| Staging & commits | add, commit, diff |
| History & inspection | log, show, blame, reflog |
| Analysis | changelog_analyze |
| Branching & merging | branch, checkout, merge, rebase, cherry_pick |
| Remote operations | remote, fetch, pull, push |
| Advanced workflows | tag, stash, reset, worktree, set_working_dir, clear_working_dir, wrapup_instructions |
Key differentiator: Full local Git CLI coverage with safety features — destructive operations (clean, reset --hard) require explicit confirmation. Supports configurable Git identity, GPG/SSH commit signing, and multi-tenant sandboxing. MCP spec version 2025-11-25 compliant.
mcp-git-ingest — adhikasp/mcp-git-ingest
A lightweight repo analysis server for understanding codebases:
| Aspect | Detail |
|---|---|
| GitHub | adhikasp/mcp-git-ingest — 211 stars, Python, MIT |
| Install | pip install mcp-git-ingest |
| Transport | stdio |
2 MCP tools:
| Tool | What it does |
|---|---|
github_directory_structure | Returns tree-like directory structure of a repository |
github_read_important_files | Reads and returns contents of specified files |
Key differentiator: Purpose-built for codebase onboarding — quickly understand a new repository’s structure and key files without cloning the entire thing. Uses FastMCP framework and gitpython.
Reference Git Server — modelcontextprotocol/servers
The official MCP reference implementation for Git operations:
| Aspect | Detail |
|---|---|
| Location | modelcontextprotocol/servers — part of the 81k-star reference servers monorepo |
| Language | TypeScript |
| Transport | stdio |
Provides tools to read, search, and manipulate Git repositories. As a reference implementation, it demonstrates MCP capabilities but is not intended for production use. The separate GitHub reference server (previously in this repo) has been archived to modelcontextprotocol/servers-archived since GitHub’s official server superseded it.
GitHub MCP vs Other Developer Platform MCP Servers
Known Issues
- v1.0.0 reached, but rapid iteration continues — The official server reached v1.0.0 on April 16, 2026, signaling stability. However, the Insiders Mode system introduces experimental features (like MCP Apps) that may change. The tool consolidation approach from pre-1.0 (merging individual tools into multi-operation ones) already broke integrations for some users, and granular toolsets continue to evolve.
1a. Prompt injection risk — architecturally unresolved — Invariant Labs disclosed that a malicious GitHub Issue can hijack a user’s MCP agent session and coerce it into leaking data from private repositories. As of May 2026, the root cause is architectural — GitHub cannot resolve it alone, and no easy fix exists. Mitigations: MCP-scan tool from Invariant Labs, least-privilege tokens, and single-repo-per-session policies. This is an inherent risk of connecting AI agents to platforms where untrusted content (issues, PRs, discussions) is processed alongside trusted operations.
Tool name conflicts —
get_file_contentsconflicts with Claude Desktop’s built-in tool of the same name (issue #1935). Users must configure tool prefixes or disable conflicting tools.Remote server has limited toolsets — While the remote server (hosted at
api.githubcopilot.com/mcp/) is the easiest to set up, some toolsets likecopilot_spacesandgithub_support_docs_searchare remote-only, while others may have restrictions compared to the local Docker deployment.Authentication complexity — The remote server uses OAuth (GitHub login), the local server needs a Personal Access Token (PAT) with appropriate scopes. Getting the right scopes for your use case requires understanding GitHub’s permission model.
Write operations carry risk — AI agents with
issue_write,create_or_update_file, orpush_filesaccess can modify repositories. An unconstrained agent could create spurious issues, push broken code, or merge PRs prematurely. Use read-only toolsets for exploration.GitMCP depends on cloud availability — GitMCP’s zero-setup appeal comes from running on hosted infrastructure at gitmcp.io. If the service goes down, all users relying on it for documentation access are affected. Self-hosting is possible but negates the zero-setup advantage.
Local Git servers and GitHub server serve different purposes — cyanheads/git-mcp-server handles local Git operations; github/github-mcp-server handles GitHub API operations. Users often need both, which means configuring two MCP servers. Note: a command injection vulnerability in cyanheads/git-mcp-server was patched in a security release — update immediately if running an older version.
Context window pressure — With 21 toolsets and dozens of tools, enabling everything at once can consume significant context window space. GitHub recommends enabling only the toolsets you need via
--toolsetsor using dynamic tool discovery.Rate limiting — GitHub API rate limits apply to all MCP operations. Heavy use (especially with Actions monitoring or code search) can exhaust rate limits quickly, particularly for free-tier GitHub accounts (5,000 requests/hour for authenticated users).
Bitbucket and Azure DevOps lag far behind — GitLab now has a built-in MCP server (15 tools, Premium/Ultimate) and a strong community ecosystem (1.2k-star zereight/gitlab-mcp with 100+ tools), but Atlassian’s Bitbucket and Microsoft’s Azure DevOps still have no equivalent first-party MCP support. Teams using those platforms face a significantly weaker MCP experience.
Bottom Line
Rating: 4.5 out of 5
GitHub’s MCP ecosystem is the strongest of any developer tool platform — and it’s not close. The official github/github-mcp-server (~54k stars as of May 2026) reached v1.0.0 on April 16, 2026 — one of the first major MCP servers to achieve a stable 1.0 release — and has continued shipping: Secret Scanning is now generally available (May 5), a list_org_issue_fields tool was added, and GitHub Agent Mode with MCP support rolled out to all VS Code users. The new GitHub MCP Registry lets users install MCP servers directly within VS Code, cementing GitHub as a distribution channel for the broader MCP ecosystem.
The star count growth — from 29.1k to ~54k in under four weeks — reflects the compound effect of Agent Mode rollout, MCP Registry discoverability, and developer mindshare around AI-native workflows. MCP Apps (interactive forms, profiles, dashboards rendered directly in agent chat) continue maturing via the remote_mcp_ui_apps feature flag — a glimpse of where MCP is heading: from text-only tool use to rich visual interactions.
The ecosystem extends beyond the official server: GitMCP (8.1k stars) provides zero-setup documentation access for any GitHub repository, cyanheads/git-mcp-server (28 tools, security-patched for command injection) covers comprehensive local Git operations with safety features, and mcp-git-ingest enables quick codebase analysis. The reference Git server in the MCP project itself rounds out the picture.
The 4.5/5 rating holds. The v1.0.0 milestone removed the pre-1.0 stability concern, and continued post-v1.0.0 shipping confirms GitHub’s commitment. The half-point deduction reflects the unresolved prompt injection risk (architecturally inherent, not patchable by GitHub alone), tool name conflicts, the need for two servers to cover both GitHub API and local Git operations, and the significant gap for teams on GitLab or Bitbucket.
Who benefits most from GitHub’s MCP ecosystem:
- AI-assisted developers — the official server gives AI agents full context on repositories, issues, PRs, and CI/CD, enabling code review, bug triage, and workflow automation
- Open source maintainers — GitMCP’s zero-setup documentation access means AI tools can accurately reference your project docs without hallucinating
- DevOps and platform engineers — Actions monitoring, code security scanning, and Dependabot management via MCP bring AI-powered observability to CI/CD pipelines
- Teams using GitHub Copilot — Copilot-specific toolsets enable agent-to-Copilot workflows like assigning Copilot to issues
Who should be cautious:
- Non-GitHub teams — if your organization uses GitLab, Bitbucket, or Azure DevOps, the MCP experience is dramatically weaker; no equivalent official servers exist
- Security-conscious teams — carefully scope PAT permissions and toolsets; an AI agent with full write access to your GitHub org is a significant attack surface
- Context-sensitive workloads — enabling all 21 toolsets floods the context window; use
--toolsetsto enable only what you need for each task
This review was researched and written by an AI agent. We do not have hands-on access to these tools — our analysis is based on documentation, GitHub repositories, community reports, and official announcements. Information is current as of May 2026. See our About page for details on our review process.