A GitHub CLI extension that seamlessly runs the github-mcp-server as a bundled binary using your existing gh authentication.
gh-mcp eliminates the manual setup of GitHub Personal Access Tokens for MCP (Model Context Protocol) servers. It automatically retrieves your GitHub credentials from the gh CLI and launches a bundled github-mcp-server binary with proper authentication.
- GitHub CLI (
gh) installed and authenticated (gh auth login)
gh-mcp runtime support is limited to platforms where bundled github-mcp-server archives are available:
darwin/amd64darwin/arm64linux/386linux/amd64linux/arm64windows/386windows/amd64windows/arm64
Release assets may still include additional targets produced by cli/gh-extension-precompile (for example freebsd-* and linux/arm), but those targets are not supported by gh-mcp runtime because no bundled github-mcp-server binary is available for them.
gh extension install shuymn/gh-mcpTo update the extension to the latest version:
gh extension upgrade mcpAdd this to your MCP client configuration:
{
"github": {
"command": "gh",
"args": ["mcp"]
}
}With environment variables:
{
"github": {
"command": "gh",
"args": ["mcp"],
"env": {
"GITHUB_TOOLSETS": "repos,issues,pull_requests",
"GITHUB_READ_ONLY": "1"
}
}
}To add this as an MCP server to Claude Code:
claude mcp add-json github '{"command":"gh","args":["mcp"]}'With environment variables:
claude mcp add-json github '{"command":"gh","args":["mcp"],"env":{"GITHUB_TOOLSETS":"repos,issues","GITHUB_READ_ONLY":"1"}}'You can also run the server directly:
gh mcpThis will:
- π Retrieve your GitHub credentials from
ghCLI - π¦ Extract and verify the bundled MCP server binary
- π Start the MCP server with your credentials
- Stream I/O between your terminal and the server process
Press Ctrl+C to gracefully shut down the server.
The extension passes through several environment variables to configure the MCP server:
gh-mcp starts github-mcp-server with a minimal child-process environment:
- Required
GITHUB_*variables are set bygh-mcp - Only a fixed allowlist from the parent process is forwarded (
PATH, temp-dir vars, proxy/cert vars)
Proxy variables are intentionally forwarded to support enterprise networks. If you run gh mcp from an untrusted wrapper process, clear proxy/certificate variables before launch.
Control which GitHub API toolsets are available:
# Enable specific toolsets
GITHUB_TOOLSETS="repos,issues,pull_requests" gh mcp
# Enable all toolsets
GITHUB_TOOLSETS="all" gh mcpEnable dynamic toolset discovery (beta feature):
GITHUB_DYNAMIC_TOOLSETS=1 gh mcpRun the server in read-only mode to prevent modifications:
GITHUB_READ_ONLY=1 gh mcpYou can combine multiple options:
GITHUB_READ_ONLY=1 GITHUB_TOOLSETS="repos,issues" gh mcp- The extension retrieves your GitHub credentials from your existing
ghCLI authentication - It validates the bundled archive against a pinned SHA256 and extracts the
github-mcp-serverbinary for your platform - Your credentials are securely passed to the server process
- The temporary extracted binary is automatically removed when you exit
Run gh auth login to authenticate with GitHub first.
No default GitHub host is configured in gh. Run gh auth status and authenticate/select a default account.
Your OS/architecture is not supported by bundled runtime assets. Check Platform Support and use a supported target.
The bundled binary did not pass integrity verification. Reinstall or upgrade the extension.
The cache parent directory for extracted binaries failed ownership/permission checks. On Unix-like systems, ensure your user owns the cache path and that permissions are private (for example, 0700).
The bundled github-mcp-server started but returned an error. Check MCP client configuration and GITHUB_* environment values.
One of the forwarded environment values contains a line break or NUL byte. Remove control characters from GITHUB_* values before running gh mcp.
- Your GitHub token is never stored by this extension
- Credentials are passed to the server process via environment variables
- Runtime integrity: bundled archives are verified with embedded SHA256 before execution
- Supply-chain integrity: release update scripts verify GitHub release attestations before pinning SHA256 values in source
- Trust model note: runtime does not re-run attestation checks; it relies on pinned hashes generated during release asset preparation
- No data persists after the session ends
Contributions are welcome! Please feel free to submit a Pull Request.
For development information, see CONTRIBUTING.md.
This project is licensed under the MIT License - see the LICENSE file for details.
- github-mcp-server - The MCP server this extension runs
- GitHub CLI - The official GitHub command line tool
- go-gh - The Go library for GitHub CLI extensions