Mcp Github

18 tools. 5 can modify or destroy data without limits.

5 write tools that can modify data. Rate limits recommended.

Last updated:

5 can modify or destroy data
13 read-only
18 tools total

Community server · catalogue entry verified 02/07/2026

How to control Mcp Github ↓

What Mcp Github exposes to your agents

Read (13) Write / Execute (5) Destructive / Financial (0)
High Risk

The most dangerous Mcp Github tools

5 of Mcp Github's 18 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control Mcp Github

PolicyLayer is an MCP gateway — it sits between your AI agents and Mcp Github, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "create_branch": {
    "limits": [
      {
        "counter": "create_branch_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "compare_branches": {
    "limits": [
      {
        "counter": "compare_branches_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register Mcp Github — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON MCP GITHUB →

Instant setup, no code required.

All 18 Mcp Github tools

READ 13 tools
Read compare_branches Compare two branches, tags, or commits. Shows ahead/behind counts, commit differences, and file changes. Read get_actions_status Get GitHub Actions workflow run status for a repository. Filter by workflow, branch, event type, and status. O Read get_commit_history Get commit history for a repository. Supports filtering by branch, file path, author, and date range. Returns Read get_file_content Read the content of a file from a GitHub repository. Returns the decoded file content along with metadata. Sup Read get_issue Get detailed information about a specific issue, including its body, labels, assignees, and optionally its com Read get_pull_request Get detailed information about a pull request including diff stats, changed files, and optionally reviews. Read get_repo_info Get detailed information about a GitHub repository including stats, topics, license, and recent activity. Read get_repo_stats Get repository statistics including contributor stats, commit activity, code frequency, and participation data Read list_directory List the contents of a directory in a GitHub repository. Returns file and subdirectory entries with metadata. Read list_issues List and filter issues in a GitHub repository. Supports filtering by state, labels, assignee, creator, milesto Read list_pull_requests List pull requests in a GitHub repository with filtering by state, head/base branch, and sorting options. Read search_code Search for code across GitHub repositories. Supports GitHub code search syntax with qualifiers for repo, langu Read search_repos Search GitHub repositories with filters. Supports GitHub search syntax including qualifiers like language, sta

Questions about Mcp Github

How do I prevent bulk modifications through Mcp Github? +

The Mcp Github server has 5 write tools including create_branch, create_issue, manage_labels. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach Mcp Github.

How many tools does the Mcp Github MCP server expose? +

18 tools across 2 categories: Read, Write. 13 are read-only. 5 can modify, create, or delete data.

How do I enforce a policy on Mcp Github? +

Register the Mcp Github MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every Mcp Github tool call.

Deterministic rules across all 18 Mcp Github tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

18 Mcp Github tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.