Create and edit GitHub issues and pull requests without shell escaping hassles.
The materials indicate a narrowly scoped tool that wraps the local GitHub CLI to create/edit issues and pull requests, with no extra secrets or custom remote endpoints declared. No concrete high-risk red flags are evident, but local CLI execution, likely GitHub API traffic through GitHub CLI, and weak community signals warrant caution.
No separate API key or environment variable is declared in the materials; however, the functionality depends on GitHub CLI and may reuse existing local `gh` authentication at runtime. If the host environment is already authenticated to GitHub, the tool could act on behalf of the user for issue/PR write operations, creating a normal credential-use surface.
Although no custom remote endpoint is declared, the description says it wraps GitHub CLI to create/edit issues and pull requests, which typically means submitted content is sent to GitHub services through `gh`. This is consistent with the stated purpose, and there is no evidence of exfiltration to unrelated third parties, but it is still normal outbound data flow.
The system flags `executes-code`, and the description explicitly says it is a thin wrapper around GitHub CLI, so it is reasonable to conclude that it launches/invokes the local `gh` process. This is consistent with its MCP role and represents a normal local command-execution surface; the provided materials do not show requests for system permissions beyond the stated purpose.
Based on the materials, the tool mainly handles issue/PR body content and performs corresponding actions through the local `gh` CLI; there is no stated broad access to local files or unrelated system resources. Even so, invoking a local CLI typically implies at least some access to process environment and GitHub-related local configuration, so it should still be run in a least-privilege environment.
A positive factor is that the project is open source and therefore auditable. However, it comes from a third-party registry, has no declared license, has 0 stars, and its maintenance status is unknown, which weakens supply-chain trust. This is not enough on its own to call it high risk, but source review and dependency pinning are advisable before production use.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "gh-mcp" yet — see the docs or source repo.
Use gh-mcp to create a GitHub issue in owner/repo titled "Login page captcha failure" with reproduction steps, expected result, actual result, and environment details.
Returns the new issue link, number, and a summary of the saved title and body.
Use gh-mcp to edit PR #128 in owner/repo and update the body with change summary, test results, risk notes, and rollback plan while keeping existing reviewer information.
Returns the PR update result and confirms the new description was saved successfully.
Use gh-mcp to update the GitHub PR body for owner/repo PR #256 with new features, bug fixes, impact scope, and release notes.
Outputs a summary of the updated PR body and provides the PR link.
Securely query and manage GitHub Issues for a single repository.
Read repository files, manage pull requests, and create issues in GitHub.
Manage GitHub repositories, pull requests, issues, and workflows with natural language.
Manage GitHub repositories, branches, pull requests, and commits through an MCP server.
Manage GitHub repos, issues, PRs, code search, and CI status in one place.
Manage GitHub repositories, issues, and pull requests through MCP or REST.