Official Vendor Server
GitHub✦ Lab Verified
GitHub
Interact with GitHub repositories, issues, pull requests, and more. Enables AI-powered code review and repository management workflows.
8.9/10
Score
478ms
Latency
100%
Uptime
41
Tools
OAuth
Auth
Quick Verdict
Use this for GitHub repository and issue management. Avoid get_team_members and add_comment_to_pending_review which hit authentication errors. Best area: repository reads and file operations. Biggest failure: team access requires organization context.
Lab Review
What We Found
What works: The GitHub server handles basic repository operations. Get, list, search and read tools all performed cleanly across repos, issues and pull requests. Standard creation operations like create_repository and create_pull_request executed without errors. For code browsing and basic repository management, this server is reliable. Where it breaks: Team operations hit authentication barriers that block organizational workflows. get_team_members failed with "Could not resolve to an Organization" errors, making team-based tooling impossible. review operations also break - add_comment_to_pending_review returned "No pending review found" and update_pull_request_branch threw PUT request failures. These failures prevent any serious code review automation. What this means for your workflow: Repository reads, searches and basic CRUD operations are reliable in current tests. Team management features are broken and you need alternative approaches for member lookups. Review-dependent automations require manual review state setup that this server cannot handle reliably. For individual developers doing repo management, this performs well. For teams needing member data or review automation, it does not.
Lab Observations
What actually happened during testing
During testing, our scanner interacted with GitHub. 32 tools succeeded, 3 failed.
| Tool | Status |
|---|---|
| get_team_members | ❌ error |
| add_comment_to_pending_review | ❌ error |
| update_pull_request_branch | ❌ error |
| get_me | ✅ success |
| get_teams | ✅ success |
| search_code | ✅ success |
| search_issues | ✅ success |
| search_pull_requests | ✅ success |
| search_repositories | ✅ success |
| search_users | ✅ success |
| get_file_contents | ✅ success |
| list_branches | ✅ success |
| list_commits | ✅ success |
| list_issues | ✅ success |
| list_pull_requests | ✅ success |
| list_releases | ✅ success |
| list_tags | ✅ success |
| get_latest_release | ✅ success |
| get_label | ✅ success |
| issue_read | ✅ success |
| get_commit | ✅ success |
| pull_request_read | ✅ success |
| get_release_by_tag | ✅ success |
| get_tag | ✅ success |
| create_repository | ✅ success |
| create_branch | ✅ success |
| create_pull_request | ✅ success |
| create_or_update_file | ✅ success |
| add_issue_comment | ✅ success |
| merge_pull_request | ✅ success |
| push_files | ✅ success |
| update_pull_request | ✅ success |
| issue_write | ✅ success |
| pull_request_review_write | ✅ success |
| delete_file | ✅ success |
Lab Findings
Where it breaks
Other Errors
3x3 tool(s) returned errors
Affected: get_team_members, add_comment_to_pending_review, update_pull_request_branch
Reliability
Live test completed — 35 of 41 tools executed Score based on transport stability and schema completeness.
Score Breakdown
Reliability
32 of 35 executed tools succeeded.
Security
Score based on schema analysis and dependency audit.
Setup
Remote server with OAuth authentication.
Docs
41 tools with descriptions and input schemas.
Compatibility
Standard MCP protocol. Transport: OAuth.
Maintenance
Based on commit frequency, releases, and contributor activity.
Tools
41 available tools
Add review comment to the requester's latest pending pull request review. A pending review needs to already exist to call this (check with the user if not sure).
Add a comment to a specific issue in a GitHub repository. Use this tool to add comments to pull requests as well (in this case pass pull request number as issue_number), but only if user is not asking specifically to add review comments.
Add a reply to an existing pull request comment. This creates a new comment that is linked as a reply to the specified comment.
Assign Copilot to a specific issue in a GitHub repository. This tool can help with the following outcomes: - a Pull Request created with source code changes to resolve the issue More information can be found at: - https://docs.github.com/en/copilot/using-github-copilot/using-copilot-coding-agent-to-work-on-tasks/about-assigning-tasks-to-copilot
Create a new branch in a GitHub repository
Show all 41 tools →Show less ↑
Create or update a single file in a GitHub repository. If updating, you should provide the SHA of the file you want to update. Use this tool to create or update a file in a GitHub repository remotely; do not use it for local file operations. In order to obtain the SHA of original file version before updating, use the following git command: git rev-parse <branch>:<path to file> SHA MUST be provided for existing file updates.
Create a new pull request in a GitHub repository.
Create a new GitHub repository in your account or specified organization
Delete a file from a GitHub repository
Fork a GitHub repository to your account or specified organization
Get details for a commit from a GitHub repository
Get the contents of a file or directory from a GitHub repository
Get a specific label from a repository.
Get the latest release in a GitHub repository
Get details of the authenticated GitHub user. Use this when a request is about the user's own profile for GitHub. Or when information is missing to build other tool calls.
Get a specific release by its tag name in a GitHub repository
Get details about a specific git tag in a GitHub repository
Get member usernames of a specific team in an organization. Limited to organizations accessible with current credentials
Get details of the teams the user is a member of. Limited to organizations accessible with current credentials
Get information about a specific issue in a GitHub repository.
Create a new or update an existing issue in a GitHub repository.
List branches in a GitHub repository
Get list of commits of a branch in a GitHub repository. Returns at least 30 results per page by default, but can return more if specified using the perPage parameter (up to 100).
List supported issue types for repository owner (organization).
List issues in a GitHub repository. For pagination, use the 'endCursor' from the previous response's 'pageInfo' in the 'after' parameter.
List pull requests in a GitHub repository. If the user specifies an author, then DO NOT use this tool and use the search_pull_requests tool instead.
List releases in a GitHub repository
List git tags in a GitHub repository
Merge a pull request in a GitHub repository.
Get information on a specific pull request in GitHub repository.
Create and/or submit, delete review of a pull request. Available methods: - create: Create a new review of a pull request. If "event" parameter is provided, the review is submitted. If "event" is omitted, a pending review is created. - submit_pending: Submit an existing pending review of a pull request. This requires that a pending review exists for the current user on the specified pull request. The "body" and "event" parameters are used when submitting the review. - delete_pending: Delete an existing pending review of a pull request. This requires that a pending review exists for the current user on the specified pull request.
Push multiple files to a GitHub repository in a single commit
Request a GitHub Copilot code review for a pull request. Use this for automated feedback on pull requests, usually before requesting a human reviewer.
Fast and precise code search across ALL GitHub repositories using GitHub's native search engine. Best for finding exact symbols, functions, classes, or specific code patterns.
Search for issues in GitHub repositories using issues search syntax already scoped to is:issue
Search for pull requests in GitHub repositories using issues search syntax already scoped to is:pr
Find GitHub repositories by name, description, readme, topics, or other metadata. Perfect for discovering projects, finding examples, or locating specific repositories across GitHub.
Find GitHub users by username, real name, or other profile information. Useful for locating developers, contributors, or team members.
Add a sub-issue to a parent issue in a GitHub repository.
Update an existing pull request in a GitHub repository.
Update the branch of a pull request with the latest changes from the base branch.
FAQ
Frequently asked questions about GitHub
Which specific GitHub API scopes were configured for the authentication testing?+
We configured the PAT authentication with three scopes: repo for repository access, read:org for organization data, and read:user for user profile information. These scopes enabled successful execution of 35 tools including repository operations, search functionality, and team queries. The scope combination provided sufficient permissions for both read and write operations across GitHub's API surface.
What latency ranges did we observe across different operation categories?+
Fast operations like get_me, search_users, and list_tags completed in 238-289ms. Normal operations including get_file_contents, list_issues, and file modifications ranged from 325-1040ms. Search operations delivered comprehensive results in 949-1627ms, with search_pull_requests taking the longest at 1627ms. Complex Git workflows like push_files reached 1883ms but automate multi-step processes.
What specific error conditions did we encounter during testing?+
Three tools produced errors during execution: get_team_members failed at 206ms, add_comment_to_pending_review failed at 479ms, and update_pull_request_branch failed at 379ms. These failures were limited to specific operations and did not indicate broader connectivity or authentication issues. The remaining 32 executed tools completed successfully without errors.
How do search operations perform compared to manual GitHub browsing?+
Search operations complete comprehensive queries in 1-2 seconds that would take significantly longer through manual interface navigation. search_code returned results in 1193ms, search_issues in 949ms, and search_repositories in 1449ms. These automated searches provide instant access to data across entire codebases and issue histories that would require multiple page loads and filtering steps manually.
What write operations were actually executed versus skipped for safety?+
We executed 7 write operations including create_or_update_file, add_issue_comment, merge_pull_request, push_files, update_pull_request, issue_write, pull_request_review_write, and delete_file. Additionally, 6 tools were skipped due to write-dangerous classification to prevent unintended modifications during testing. All executed write operations completed successfully in the sandbox environment.
Which team-related operations have known limitations?+
Team operations showed mixed results during testing. get_teams succeeded in 478ms and returned team data successfully. However, get_team_members consistently failed at 206ms, indicating potential scope limitations or team membership visibility restrictions. Organizations using team-based workflows should verify their specific team access requirements and PAT scope configurations before relying on member enumeration features.
Related
Explore more
Testing History
Community