Authentication
The plugin uses OAuth 2.0 with therepo and read:user scopes. To connect a user’s GitHub account, redirect them to the login endpoint:
YOUR_USER_ID is the identifier your application uses to track users. It is stored alongside the encrypted token so Toolshed can retrieve the right credentials at tool invocation time.Connecting a user
Initiate the OAuth flow
Send the user to the login URL. In a web app this is typically a redirect; in a CLI you can open it in the browser.
User authorizes on GitHub
GitHub presents the standard OAuth consent screen. The user approves the
repo and read:user scopes.Disconnecting
To revoke and remove a user’s GitHub connection, send:Available tools
The GitHub plugin exposes three tools. Read-only tools (github.issues.list and github.repos.search) are safe to auto-approve by MCP clients. The github.issues.create tool is marked destructive and requires explicit user confirmation via the MCP elicitation flow before proceeding.
github.issues.list — List Issues
github.issues.list — List Issues
Lists issues in a GitHub repository. You can filter by state and labels and control how many results are returned. The tool reads from the GitHub REST API using the authenticated user’s token.Parameters:
Returns:An object with an
Example invocation:
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
owner | string | Yes | — | Repository owner (user or organization login) |
repo | string | Yes | — | Repository name |
state | "open" | "closed" | "all" | No | "open" | Filter issues by state |
labels | string[] | No | — | Filter to issues that have all of these labels |
limit | integer | No | 30 | Maximum number of issues to return (must be positive) |
issues array. Each issue contains:| Field | Type | Description |
|---|---|---|
number | number | Issue number |
title | string | Issue title |
state | string | "open" or "closed" |
labels | string[] | Label names applied to the issue |
created_at | string | ISO 8601 creation timestamp |
url | string | HTML URL of the issue on GitHub |
github.issues.create — Create Issue
github.issues.create — Create Issue
Creates a new issue in a GitHub repository. This tool is marked destructive — Toolshed will pause and ask the user for explicit confirmation before the issue is created. If the user declines or cancels the elicitation prompt, the operation is aborted and no issue is created.Parameters:
Returns:
Example invocation:
| Parameter | Type | Required | Description |
|---|---|---|---|
owner | string | Yes | Repository owner (user or organization login) |
repo | string | Yes | Repository name |
title | string | Yes | Issue title |
body | string | No | Issue description (Markdown supported) |
labels | string[] | No | Labels to apply to the new issue |
assignees | string[] | No | GitHub usernames to assign to the issue |
| Field | Type | Description |
|---|---|---|
number | number | Issue number of the newly created issue |
url | string | HTML URL of the new issue on GitHub |
github.repos.search — Search Repositories
github.repos.search — Search Repositories
Searches GitHub repositories using a query string. The query syntax is the same as the GitHub search bar — you can use qualifiers like
Returns:An object with a
Example invocation:
language:typescript, org:acme-corp, or topic:mcp. Results include both public repositories and private repositories accessible to the authenticated user.Parameters:| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
query | string | Yes | — | GitHub search query string |
limit | integer | No | 10 | Maximum number of repositories to return (must be positive) |
repos array. Each repository contains:| Field | Type | Description |
|---|---|---|
full_name | string | owner/repo slug |
description | string | null | Repository description |
stars | number | Stargazer count |
url | string | HTML URL of the repository on GitHub |