GitHub
The GitHub connector lets AI agents explore repositories, raise issues, open pull requests, and manage code — all through the GitHub REST API using OAuth 2.0. With 10 tools spanning read, write, and delete operations, it's the most powerful connector in MCPGate.
Protect destructive tools
github_delete_repopermanently deletes a repository and all its contents. Always deny this tool in any app that doesn't explicitly require it. The block_delete guardrail template makes this one click.Tool reference#
The GitHub connector exposes 10 tools: 5 read, 4 write, and 1 delete.
| Tool | Category | Description |
|---|---|---|
| github_list_repos | read | List repositories for the authenticated user or an org |
| github_search_code | read | Search code across GitHub using code search syntax |
| github_get_file | read | Retrieve file contents from a repository at a given ref |
| github_list_issues | read | List issues in a repository with optional filters |
| github_list_prs | read | List pull requests in a repository |
| github_create_issue | write | Create a new issue in a repository |
| github_create_pr | write | Open a pull request between two branches |
| github_create_comment | write | Post a comment on an issue or pull request |
| github_manage_labels | write | Create, update, or delete repository labels |
| github_delete_repo | delete | Permanently delete a repository (irreversible) |
Common guardrail recipes#
Protect the main branch#
Apply the protect_branches template to github_create_pr. Set the config to {"branches": ["main", "production", "release"]}. The rule denies any PR whose base branch matches — the agent must target a feature branch instead.
See Examples — Protect Main Branch.
Read-only access#
Enable only github_list_repos, github_search_code, github_get_file, github_list_issues, and github_list_prs. Deny all write and delete tools. Useful for code-review assistants that should summarise but never modify.
Restrict to specific repositories#
Apply the allow_repos template to all write tools. Set the config to a list of owner/repo pairs the agent is allowed to modify. Requests targeting any other repository are denied before the API call is made.
Force draft PRs#
Apply the force_draft template to github_create_pr. This overrides the AI's draft parameter to true, ensuring all PRs require human review before they can be merged.
Troubleshooting#
- 404 on private repos — Your OAuth token must have the
reposcope to access private repositories. Re-connect GitHub and approve the extended scope. - PR creation fails with branch not found — The head branch must already exist on the remote. Ensure the AI has pushed commits before calling
github_create_pr. - Code search rate limits — GitHub code search is limited to 30 requests per minute for authenticated users. Use the
cooldownguardrail template to rate-limitgithub_search_codecalls.