Ghas Mcp Server
What is Ghas Mcp Server
ghas-mcp-server is an MCP server designed to interact with GitHub Advanced Security (GHAS) for GitHub repositories, enabling users to manage security alerts effectively.
Use cases
Use cases include monitoring and managing security alerts in GitHub repositories, integrating security tools into CI/CD pipelines, and enhancing overall code security practices.
How to use
To use ghas-mcp-server, configure it in your environment by adding the necessary command and arguments in your VS Code settings, and ensure you have a valid GitHub Personal Access Token (PAT) with the required scopes.
Key features
Key features include listing dependabot alerts, secret scanning alerts, and code scanning alerts for a repository, providing a comprehensive overview of security issues.
Where to use
ghas-mcp-server is primarily used in software development environments where GitHub repositories are managed, particularly in organizations focusing on security and compliance.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Overview
What is Ghas Mcp Server
ghas-mcp-server is an MCP server designed to interact with GitHub Advanced Security (GHAS) for GitHub repositories, enabling users to manage security alerts effectively.
Use cases
Use cases include monitoring and managing security alerts in GitHub repositories, integrating security tools into CI/CD pipelines, and enhancing overall code security practices.
How to use
To use ghas-mcp-server, configure it in your environment by adding the necessary command and arguments in your VS Code settings, and ensure you have a valid GitHub Personal Access Token (PAT) with the required scopes.
Key features
Key features include listing dependabot alerts, secret scanning alerts, and code scanning alerts for a repository, providing a comprehensive overview of security issues.
Where to use
ghas-mcp-server is primarily used in software development environments where GitHub repositories are managed, particularly in organizations focusing on security and compliance.
Clients Supporting MCP
The following are the main client software that supports the Model Context Protocol. Click the link to visit the official website for more information.
Content
[!Warning]
The calls in this server have been added to the official GitHub MCP Server, so this repo is archived and for learning purposes only!
ghas-mcp-server
MCP server to make calls to GHAS for GitHub repositories.
Currently this has the following tools that are supported:
- list_dependabot_alerts: List all dependabot alerts for a repository
- list_secret_scanning_alerts: List all secret scanning alerts for a repository
- list_code_scanning_alerts: List all code scanning alerts for a repository
Make sure to add these three scopes (read only) to the configured PAT and for the correct organization as well!
Install in VS Code and VS Code Insiders
Use the buttons to install the server in your VS Code or VS Code Insiders environment. Make sure to read the link before you trust it! The links go to vscode.dev and insiders.vscode.dev and contain instructions to install the server.
VS Code will let you see the configuration before anything happens:
Example configuration
Add the configurations below to your MCP config in the editor.
Secure option: use the authenticated GitHub CLI
Instead of storing a Personal Access Token (see next section), you can also use the authenticated GitHub CLI. This will use the credentials you have configured in your GitHub CLI. This is useful when you have the GitHub CLI installed and already authenticated.
To use the GitHub CLI for authentication, follow the steps below:
- Add
"GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI": "true"to your environment variables. - Ensure you have the GitHub CLI installed and authenticated by running
gh auth login.
Configuration:
{
"mcp": {
"inputs": []
},
"servers": {
"ghas-mcp-server": {
"command": "npx",
"args": [
"-y",
"@rajbos/ghas-mcp-server"
],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI": "true"
}
}
}
}Configuration with a personal access token
For VS Code it would look like this:
{
"mcp": {
"inputs": [
{
"id": "github_personal_access_token",
"description": "GitHub Personal Access Token",
"type": "promptString",
"password": true
}
]
},
"servers": {
"ghas-mcp-server": {
"command": "npx",
"args": [
"-y",
"@rajbos/ghas-mcp-server"
],
"env": {
"GITHUB_PERSONAL_ACCESS_TOKEN": "${input:github_personal_access_token}"
}
}
}
}Results
Contributing
Contributions are welcome! If you have ideas for new tools or improvements, please open an issue or submit a pull request.
Quick Start
# Install dependencies
npm install
# Build the project
npm run build
Project Structure
ghas-mcp-server/ ├── src/ │ ├── operations/ # MCP Tools │ │ └── security.ts │ └── index.ts # Server entry point ├── package.json └── tsconfig.json
Adding Components
The project comes with the GHAS tools in src/operations/security.ts.
Building
- Make changes to your tools
- Run
npm run buildto compile - The server will automatically load your tools on startup
Testing the local build
You can test your local build by configuring the locally build version with the following MCP config:
Don’t forget to change the path to your local build and build the project first!
Learn More
Dev Tools Supporting MCP
The following are the main code editors that support the Model Context Protocol. Click the link to visit the official website for more information.
