ghe-mcp-gateway

Enables natural language admin tasks for GitHub Enterprise Cloud, like listing private repos, access reviews, and secret scanning, with read-only safety by default.

An MCP (Model Context Protocol) server that exposes GitHub Enterprise administration operations as agent tools. Point Claude (Code or Desktop) at it and ask things like "list private repos in the org with no recent pushes" or "who has admin on payments-api?" - the model calls the GitHub API through typed, permissioned tools instead of raw curl.

Built as a working reference for GitHub Enterprise Cloud administration: repository management, access governance, audit-log review, webhook management, and secret-scanning triage.

Why

Admin work is repetitive API calls (access reviews, alert triage, config audits). Wrapping the GitHub REST/GraphQL API as MCP tools lets an agent do the legwork while keeping a human in the loop - and keeps writes behind an explicit safety switch.

Tools (21)

| Category | Tools |
|---|---|
| Repository admin | list_repositories, get_repository |
| Access & teams | list_organization_members, list_teams, list_team_members, list_repo_collaborators, get_repo_permission, list_team_repos, set_repo_collaborator_permission, set_team_repo_permission |
| Branch protection | get_branch_protection, set_branch_protection*, list_org_rulesets, get_org_ruleset |
| Security (GHAS) | list_secret_scanning_alerts, list_code_scanning_alerts, list_dependabot_alerts, resolve_secret_scanning_alert* |
| Audit log | get_org_audit_log |
| Webhooks | list_org_webhooks |
| Escape hatch | graphql_query |

* write operation - blocked unless GITHUB_MCP_READ_ONLY=false.

Companion skill

.claude/skills/github-admin/SKILL.md packages these tools into admin playbooks - access review/certification, leaked-secret response, repo onboarding & governance, security-posture audit, and access changes. Open Claude Code in this repo and the /github-admin skill is available; it drives the MCP tools with a read-first, least-privilege, confirm-before-write discipline.

Setup

uv sync                       # create venv + install deps
cp .env.example .env          # then add your GITHUB_TOKEN

Suggested token scopes (classic): repo, read:org, admin:org, read:audit_log, admin:org_hook, security_events. For GitHub Enterprise Server, set GITHUB_API_URL to https://<host>/api/v3.

Run

# stdio server (how MCP clients launch it)
uv run github-admin-mcp

# quick manual check with the MCP Inspector
uv run mcp dev src/github_admin_mcp/server.py

Register with Claude Code

claude mcp add github-admin -- uv run --directory /Users/mikeholzinger/src/github_mcp github-admin-mcp

(or add an entry to your client's MCP config pointing at the same command).

60-second demo

# 1. add your token (read-only by default - safe)
cp .env.example .env && $EDITOR .env        # set GITHUB_TOKEN

# 2. register the server + open Claude Code in this repo
claude mcp add github-admin -- uv run --directory "$PWD" github-admin-mcp
claude

# 3. the /github-admin skill is now available. Try, in natural language:
#    "Run an access review on the <org> organization"
#    "Audit the security posture of <org>/<repo>"
#    "Who has admin on <org>/<repo>?"
# The skill calls the MCP tools read-only and reports an auditor-ready summary.

Safety

  • Read-only by default (GITHUB_MCP_READ_ONLY=true); mutating tools refuse until you opt in.
  • No credentials in code - token comes from the environment. .env is git-ignored.
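
One way to build a guard like this, as an added example (not the project's client.py): it treats any value other than the literal false as read-only, gates REST calls on the HTTP method, and inspects GraphQL documents, because queries and mutations sent through an escape hatch such as graphql_query are both POST requests. ReadOnlyError, read_only, graphql_is_write and check_request are hypothetical names, and the sample calls are constructed.

```python
import os
import re

SAFE_METHODS = {"GET", "HEAD"}
# Strings and comments are removed first so keywords inside them are ignored.
_NOISE = re.compile(r'"""[\s\S]*?"""|"(?:\\.|[^"\\\n])*"|#[^\n]*')
_TOKEN = re.compile(r"[{}]|(?<![$\w])(?:mutation|subscription)\b")

class ReadOnlyError(PermissionError):
    """A state-changing call was attempted while read-only mode is on."""

def read_only(env=None):
    """Fail closed: only the literal value 'false' turns read-only mode off."""
    env = os.environ if env is None else env
    return env.get("GITHUB_MCP_READ_ONLY", "true").strip().lower() != "false"

def graphql_is_write(query):
    """True if the document defines a mutation or subscription operation."""
    depth = 0
    for tok in _TOKEN.finditer(_NOISE.sub(" ", query)):
        if tok.group() == "{":
            depth += 1
        elif tok.group() == "}":
            depth -= 1
        elif depth <= 0:  # keyword outside any selection set = operation type
            return True
    return False

def check_request(method, path, body=None, env=None):
    """Raise ReadOnlyError if the request would change state in read-only mode."""
    if not read_only(env):
        return
    if path.rstrip("/").endswith("/graphql"):
        # GraphQL reads and writes are both POST, so inspect the document.
        if graphql_is_write((body or {}).get("query", "")):
            raise ReadOnlyError("GraphQL mutation blocked (read-only mode)")
    elif method.upper() not in SAFE_METHODS:
        raise ReadOnlyError(f"{method.upper()} {path} blocked (read-only mode)")

if __name__ == "__main__":
    # Constructed sample calls, not taken from the project.
    for call in [("GET", "/orgs/example-org/repos", None),
                 ("PUT", "/repos/example-org/app/branches/main/protection", {}),
                 ("POST", "/graphql", {"query": "mutation { __typename }"})]:
        try:
            check_request(*call, env={})
            print("allowed", call[0], call[1])
        except ReadOnlyError as exc:
            print("refused", exc)
```

The GraphQL check is deliberately conservative: an operation that merely uses mutation as its name is also refused.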

Layout

src/github_admin_mcp/
  client.py   # async REST + GraphQL client (auth, pagination, GHES-aware, read-only guard)
  server.py   # FastMCP server; one @mcp.tool() per operation
docs/
  GITHUB_API_REFERENCE.md   # the endpoint research this server is built on

Example GitHub Actions workflows

Healthcare-oriented admin automation lives in .github/workflows/ with the logic in scripts/ (Python + requests). All workflows declare least-privilege permissions: blocks and pin their actions.

| Workflow | Trigger | What it does |
|---|---|---|
| Access Review (access-review.yml) | Monthly cron + manual | Certifies repo access org-wide; flags outside collaborators, admin grants, write-on-archived; emits a JSON evidence artifact (13-mo retention) and files a tracking issue. |
| Secret Scanning Alerts (secret-scanning-alerts.yml) | secret_scanning_alert event + hourly sweep | Real-time + safety-net notification to a security Slack channel. Sends metadata only - never the secret value. |
| Repository Governance (repo-governance.yml) | Org repo-created repository_dispatch + weekly sweep | Enforces the branch-protection baseline (PR + 2 reviews, Code Owner, signed commits, no force-push/delete, conversation resolution, Dependabot). Dry-run by default; auto-applies to brand-new repos. |

Required CI config: secret ORG_ADMIN_TOKEN (org PAT/App), secret SECURITY_SLACK_WEBHOOK, and variable GITHUB_ORG. The scripts honor GITHUB_API_URL for GitHub Enterprise Server.

Roadmap

  • Branch-protection / rulesets tools, team-repo access management
  • Secret-scanning alert resolution, code-scanning + Dependabot alerts
  • Audit-log streaming config; enterprise-level endpoints
  • A companion Claude skill that drives these tools for common admin playbooks
