GitHub MCP server
Read and write repos, issues, pull requests, and Actions runs on GitHub.
About
Connect Tracecat to GitHub to triage code, security findings, and CI activity from agents working alongside AppSec analysts and DevOps engineers. You can pull CodeQL or Dependabot alerts, open a tracking issue, and assign it to the right code owner so vulnerabilities land in the same workflow engineers already use. From there, agents can review pull request diffs, retry failed Actions runs, and post follow-up comments when a fix ships, all attributed to the connected user in your GitHub audit log.
Setup
- 1
Sign in with OAuth
You'll authorize Tracecat to access GitHub on your behalf. No API keys to manage.
- 2
Select the
GitHubtile in the Tracecat MCP catalogOpen the
MCP catalogin your workspace, select theGitHubtile, and complete the OAuth flow. - 3
Enable
GitHubin your agentIn your
ai.agentaction orAgents→toolstab, selectGitHubfrom theMCP integrationsdropdown.
Tools
create_issueOpen a new issue in a repository with title, body, labels, and assignees.
search_issuesSearch issues across repositories with GitHub's search syntax and filters.
create_pull_requestOpen a pull request between two branches with title, body, and reviewers.
get_pull_requestFetch a pull request with its head and base refs, mergeable state, and review status.
list_pull_request_filesList the files changed in a pull request along with patch hunks.
get_file_contentsRead the contents of a file from a repository at a specific ref.
list_workflow_runsList GitHub Actions workflow runs for a repository, filtered by branch, status, or actor.
get_code_scanning_alertFetch a code scanning alert with rule, severity, and affected location.
list_dependabot_alertsList Dependabot alerts for a repository with package, severity, and remediation advice.
create_or_update_fileCommit a new or updated file to a branch, creating a tree and commit in one call.