You're reviewing a pull request and you want Claude's opinion on whether the approach is sound. So you copy the diff — all 400 lines of it — paste it into Claude, add context about what the PR is trying to do, and wait. With the GitHub MCP server, you skip all of that. You just paste the PR URL and ask.

What the GitHub MCP server can do

The GitHub MCP server wraps the GitHub REST API v3 and exposes it to Claude as a set of tools. Here's what it can actually do — and this is the list most tutorials skip over:

  • Read repositories — list files, read file contents, search code
  • Pull requests — fetch PR details, review diffs, list comments, add review comments
  • Issues — create issues, read issue threads, add comments, update labels
  • Commits — read commit history, compare branches
  • Search — search across repos, issues, and code by query
  • Repository management — fork repos, create branches (if you grant write scope)

And here's what it can't do: it can't run your code, deploy anything, or bypass GitHub's own permissions. It's scoped entirely to what the GitHub API allows — which is still a lot.

GitHub MCP server setup flow showing steps: create Personal Access Token, edit claude_desktop_config.json, add npx config block, restart Claude Desktop
Four-step GitHub MCP setup process: from creating a Personal Access Token to having Claude access your GitHub repositories.

Step 1: Create a GitHub Personal Access Token

Go to github.com/settings/tokens. Anthropic recommends using fine-grained tokens over classic tokens — they're more secure because you can restrict them to specific repos and expiry dates.

Click "Generate new token (fine-grained)". Set a name like "Claude MCP", an expiry of 90 days, and choose "Only select repositories" if you want to limit access. For permissions, select at minimum:

  • Contents: Read
  • Issues: Read and Write (if you want Claude to create issues)
  • Pull requests: Read and Write (for PR reviews and comments)
  • Metadata: Read (required)

Copy the generated token — you won't see it again after leaving the page.

Step 2: Add the config entry

Open your claude_desktop_config.json and add:

{
  "mcpServers": {
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {
        "GITHUB_PERSONAL_ACCESS_TOKEN": "github_pat_xxxxxxxxxxxxx"
      }
    }
  }
}

Replace the token value with your actual token. Restart Claude Desktop.

GitHub MCP server PR review workflow showing Claude sending tool calls to GitHub MCP server which calls GitHub REST API, returning pull request data, commits, issues, and file contents
How Claude uses the GitHub MCP server to read pull requests, issues, and file contents from your repositories.

Step 3: Put it to work

Once restarted, try these prompts to verify it's working and see real value immediately:

  • "List the open PRs in my repo yourorg/yourrepo"
  • "Read the README for modelcontextprotocol/servers"
  • "Review PR #42 in yourorg/yourrepo and flag any security concerns"
  • "Create an issue in yourorg/yourrepo titled 'Fix null pointer in auth module' with the label 'bug'"

That last one is genuinely useful. You can dictate issues in natural language and Claude will format them properly and create them with the right labels.

The PR review workflow — what developers actually use this for

Here's the workflow that makes the GitHub MCP server genuinely valuable. When you get a PR to review, instead of reading the diff yourself first, say: "Read PR #87 in acme/backend and give me a 3-sentence summary of what it's trying to do, then list any potential issues you see."

Claude fetches the diff, reads it, and gives you a focused summary before you've read a single line. You then read with context. For long PRs, this saves 10–15 minutes of orientation time.

Combine it with the filesystem server and you can ask Claude to compare what a PR changes against your local project conventions — without uploading your entire codebase anywhere.

Can Claude write code directly to my GitHub repo?

Yes, if you grant Contents: Write permission. Claude can create or update files via the GitHub API. But be careful — this means Claude's edits commit directly. Most developers prefer to have Claude suggest changes via a PR rather than commit directly. You can ask Claude to "create a branch and open a PR with these changes" instead of writing to main.

Does the GitHub MCP server work with GitHub Enterprise?

Yes. Add a GITHUB_API_URL environment variable pointing to your enterprise instance — something like https://github.yourcompany.com/api/v3. The rest of the setup is identical.

Frequently Asked Questions

For read-only use (browsing repos, reading issues, reviewing PRs), you only need Contents: Read and Metadata: Read on your fine-grained PAT. For creating issues and PRs, add Issues: Write and Pull Requests: Write. Never grant admin or delete scopes unless you specifically need them.

Yes, if your PAT has access to those repos. When creating a fine-grained PAT, you can restrict it to specific repositories — which is the safest approach for private code.

The config file is local to your machine and not shared over the network. But it is stored in plain text. Use a fine-grained PAT with minimal scopes, set it to expire in 90 days, and restrict it to only the repos you need. Rotate it if you ever share your machine or config file.

The GitHub MCP server uses the GitHub API — it works with remote repos on github.com and requires a PAT. The Git MCP server works with local git repos on your machine — no internet, no API key. For local-only work, Git is simpler and faster.