GitHub MCP Server
for AI Agents

Q: What AI frameworks and AI clients does the StackOne GitHub MCP server support?

The StackOne GitHub MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Production-ready GitHub MCP server with 92 extensible actions — plus built-in authentication, security, and optimized execution.

Start Free Book Demo Read Docs →

GitHub MCP Server

Built by

StackOne

Coverage

92 Agent Actions

Create, read, update, and delete across GitHub — and extend your agent's capabilities with custom actions.

MCP Actions → Create Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your GitHub MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every GitHub tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every GitHub call.

Tools Discovery →

What is the GitHub MCP Server?

A GitHub MCP server lets AI agents read and write GitHub data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's GitHub MCP server ships with 92 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, and optimized agent context. Connect it from MCP clients like Claude Desktop, Claude Code, Cursor, Goose, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All GitHub MCP Tools and Actions

Every action from GitHub's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

Workflow Runs

List Workflow Runs
Retrieve GitHub Actions workflow execution history
Get Workflow Run
Retrieve detailed information about a specific workflow execution (requires run_id from list_workflow_runs)

Artifacts

List Artifacts
Get build artifacts generated by workflows
Download Artifact
Retrieve artifact files from workflow runs (requires artifact_id from list_artifacts)

Commits

List Commits
Get commit history for a repository or branch
Get Commit
Retrieve detailed information about a specific commit

Deployments

Create Deployment
Record a deployment event
List Deployments
Get deployment history for a repository
Delete Deployment
Remove a deployment record from the repository

Issues

Create Issue
Create a new issue in a repository
List Issues
Retrieve issues for a repository with filtering options
Get Issue
Retrieve detailed information about a specific issue
Search Issues
Find issues and pull requests across repositories
Update Issue
Modify issue title, body, labels, assignees, or state

Issue Comments

Create Issue Comment
Add a comment to an issue or pull request
List Issue Comments
Get all comments on an issue

Organizations

Get Organization
Retrieve detailed information about a specific organization
Update Organization
Update organization settings and profile information

Pull Requests

Create Pull Request
Propose code changes for review and merging
List Pull Requests
Retrieve pull requests for a repository
Get Pull Request
Retrieve detailed information about a specific pull request
Update Pull Request
Modify pull request title, body, or state

Git References

Create Git Reference
Create a new Git reference (branch or tag) pointing to a specific commit SHA
Get Git Reference
Retrieve a single Git reference by its exact fully-qualified name
Update Git Reference
Update an existing Git reference to point to a new commit SHA
Delete Git Reference
Delete a Git reference (branch or tag) from a repository

Releases

Create Release
Publish a new version of software with release notes
List Releases
Get all releases for a repository
Update Release
Modify release details or publish draft releases
Delete Release
Remove a release from the repository

Repositorys

Get Repository
Retrieve detailed information about a specific repository
Update Repository
Modify repository settings including name, description, visibility, and features
Delete Repository
Permanently remove a repository and all its contents

Teams

Create Team
Create a new team in an organization
List Teams
Get all teams in an organization
Get Team
Retrieve information about a specific team
Update Team
Modify team settings and properties
Delete Team
Remove a team from an organization

Team Members

Add Team Member
Add a user to a team
Remove Team Member
Remove a user from a team

Users

List Users
Get all GitHub users
Get User
Retrieve information about a specific user
Update User
Modify authenticated user's profile information

Collaborators

Add Collaborator
Grant repository access to a user
List Collaborators
Get all users with access to a repository
Remove Collaborator
Revoke repository access from a user

Webhooks

Create Webhook
Set up HTTP callbacks for repository events
List Webhooks
Get all webhooks configured for a repository

Other (44)

Create Or Update File
Create a new file or update an existing file in a repository
Create Deployment Status
Update the status of a deployment
Create Pull Request Review
Submit a code review with comments and approval status
Upload Release Asset
Attach binary files to a release
Create User Repository
Create a new repository for the authenticated user
Create Organization Repository
Create a new repository in an organization
Add Team Repository
Grant team access to a repository
List Workflow Jobs
Get jobs within a workflow run (requires run_id from list_workflow_runs)
Get Repository Content
Retrieve file or directory contents from a repository
Get Current Credentials
Return the authenticated identity and auth type for the current GitHub connection. Wraps GET /user for identity. Maps to the StackOne IAM unified credentials schema (name, auth_type). auth_type is "oauth" for GitHub App connections and "api_key" for Personal Access Token connections.
List IAM Groups (GitHub Teams)
List the GitHub teams in a single organization, mapped to the IAM unified group schema, cursor-paginated 100 per page. REQUIRES filter.organization_id (the org login). Each entry's id is a composite {org_login, team_slug} so unified_get_group can round-trip to GET /orgs/{org}/teams/{slug}. Type is always "team". Supports nested teams via parent_id (team slug of parent).
Get IAM Group (GitHub Team By Org+slug)
Retrieve a single GitHub team by team slug and organization, mapped to the IAM unified group schema. Wraps GET /orgs/{org}/teams/{team_slug}. Requires filter.organization_id (org login) and id (team slug as returned by unified_list_groups).
List IAM Organizations (GitHub Orgs)
List the GitHub organizations the authenticated identity belongs to, mapped to the IAM unified organization schema. Wraps GET /user/orgs (paginated, page/per_page). Each entry's id is the org login (e.g. "acme") — the canonical, stable, human-readable identifier referenced by other IAM actions via filter.organization_id.
Get IAM Organization (GitHub Org By Login)
Retrieve a single GitHub organization by its login (e.g. "acme"), mapped to the IAM unified organization schema. Wraps GET /orgs/{org}. The {id} input must be the org login as returned by unified_list_organizations — passing a numeric org id will return 404. Returns the full profile (name, description, created_at, updated_at, plan).
List IAM Roles (synthesized GitHub Org-membership Roles)
Return the two stable org-membership IAM roles GitHub exposes ("admin" and "member") synthesized from GitHub's organization membership API. The role set is static, closed, and matches the role IDs embedded in IamUser.roles[] when expand=["roles"] is requested on unified_get_user. Custom Org Roles (GitHub Enterprise Cloud only) are intentionally NOT included.
Get IAM Role (synthesized GitHub Role By Stable Key)
Retrieve a single synthesized GitHub IAM role by stable key. Only "admin" and "member" are valid — any other id is rejected by input validation with a 400 because GitHub's role namespace is closed at the unified-API surface (Custom Org Roles are GHEC-only and not exposed here).
List IAM Users (GitHub Org Members)
List the members of a single GitHub organization mapped to the IAM unified user schema, cursor-paginated 100 per page. REQUIRES filter.organization_id (the org login). GitHub has no connection-global user list — users are org-scoped. Each entry's id is the user's login (e.g. "octocat"). Members listing is sparse — call unified_get_user for full profile (name, email, created_at).
Get IAM User (GitHub User By Login)
Retrieve a single GitHub user by login (e.g. "octocat"), mapped to the IAM unified user schema. Wraps GET /users/{username} for the full profile (name, email, created_at, avatar). Field coverage is fuller than unified_list_users — call this to enrich a member listing.
List Authenticated User Organizations
Retrieve list of organization memberships for the authenticated user
List User Organizations
Retrieve list of public organization memberships for a specific user
List Organization Members
List all users who are members of an organization
Get Organization Membership
Get membership details for a user in an organization (requires organization member authentication)
List Authenticated User Organization Memberships
List all organization memberships for the authenticated user with state and role details
List Matching Git References
List Git references in a repository matching a given ref prefix
Get Latest Release
Retrieve the most recent published release
List Authenticated User Repositories
Retrieve list of repositories for the authenticated user
List User Repositories
Retrieve list of public repositories for a specific user
List Organization Repositories
Retrieve list of repositories for an organization
List Forks
Get all forks of a repository
List Branches
Get all branches in a repository
Get Branch
Retrieve information about a specific branch
Search Code
Find code across GitHub repositories
Search Repositories
Find repositories matching criteria
List Code Scanning Alerts
Get security vulnerabilities detected by code scanning
List Secret Scanning Alerts
Get exposed secrets detected in repository
List Dependabot Alerts
Get vulnerability alerts for dependencies
Get Authenticated User
Retrieve information about the authenticated user
Delete File
Delete a file from a repository
Cancel Workflow Run
Stop a running workflow (requires run_id from list_workflow_runs)
Re-run Workflow
Retry a failed or completed workflow (requires run_id from list_workflow_runs)
Trigger Workflow
Manually trigger a workflow run
Check Organization Membership
Check if a user is a member of an organization (publicly or privately)
Merge Pull Request
Integrate approved changes into the base branch
Fork Repository
Create a personal copy of another repository

Set Up Your GitHub MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to GitHub in under 10 lines of code.

MCP Clients

Agent Frameworks

Claude Desktop-

JSON

Browse Claude Desktop MCP Docs

{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

More Developer Tools MCP Servers

185+ actions

137+ actions

134+ actions

133+ actions

129+ actions

125+ actions

118+ actions

All Developer Tools MCP Servers →

GitHub MCP Server Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

GitHub MCP Server FAQ

GitHub MCP server vs direct API integration — what's the difference?

A GitHub MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling GitHub. A GitHub MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling GitHub at runtime. StackOne provides both.

How does GitHub authentication work for AI agents?

GitHub authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own GitHub account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.

Are GitHub MCP tools vulnerable to prompt injection?

Yes — GitHub MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.

What is the context bloat of a GitHub agent and how do I avoid it?

Context bloat happens when GitHub tool schemas and API responses eat your GitHub agent's memory, preventing it from reasoning effectively. A single GitHub query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.

Can I limit which actions my GitHub agent can access?

Yes — you can limit which actions your GitHub agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.

Can I create custom agent actions for my GitHub MCP server?

Yes — you can create custom agent actions for your GitHub MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research GitHub's API, generate production-ready connector YAML, test against the live API, and validate before you ship.

When should I NOT use a GitHub MCP server?

Skip a GitHub MCP server if your integration is purely software-to-software — direct GitHub API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call GitHub actions at runtime.

What AI frameworks and AI clients does the StackOne GitHub MCP server support?

The StackOne GitHub MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo

GitHub MCP Serverfor AI Agents