Connect the GitHub MCP server so Claude triages PRs, issues, and failing Actions from the terminal

The GitHub MCP server is GitHub's official Model Context Protocol server: a single connector that exposes your repositories, pull requests, issues, Actions runs, and security alerts to Claude as a set of tools. Where last Friday's AWS Documentation server was read-only — four tools that fetch pages and nothing else — this one is the other shape of MCP: a server wired to a real account that can both read state and change it. Open a PR, comment on an issue, re-run a failed workflow, all from the same session you're already coding in.

Why feature it now. It is the most-installed MCP server in the ecosystem and the reference example for what a first-party, action-capable connector looks like, and as of recent Claude Code versions it installs over remote HTTP with one command — no Docker, no local process to babysit. The old path was a locally-run Node package; the npm @modelcontextprotocol/server-github has been deprecated since April 2025, so anything you read predating that is pointing you at the wrong thing. The current answer is the hosted endpoint at https://api.githubcopilot.com/mcp, authenticated with a personal access token.

Pull requests and review. The highest-value daily use is letting Claude pull a PR's diff, files, and review comments into context without you copy-pasting any of it. "Summarise PR 412 and flag anything that touches the auth path" becomes one turn instead of ten. It pairs directly with the engineering plugin's code-review skill featured two Thursdays ago — the MCP server fetches the change, the skill structures the critique.

Issue triage. The server can list, read, label, and comment on issues. For a maintainer that means "find every open issue with no label opened in the last week and group them by area" is a single request, and Claude can apply the labels once you confirm. The reads are free; the writes are where you want to stay deliberate, which is the whole point of the next paragraph.

Actions and security alerts — the SRE bucket. The server surfaces workflow runs, job logs, and the Dependabot and code-scanning alert feeds. "Why did the deploy workflow fail on main this morning" pulls the failing job's log directly; "list open critical Dependabot alerts across the org" turns a tab-hopping chore into one answer. This is the toolset most people don't realise is in there, and it's the one that earns the connector its place for anyone on call.

The trap to avoid is installing the whole thing wide open. The server groups its tools into toolsets — repositories, pull_requests, issues, actions, code_security, dependabot, and more — and enabling all of them dumps dozens of tools into context and degrades tool choice. Enable only the toolsets you use; the local binary and Docker images take a --toolsets flag for exactly this. Scope the personal access token the same way: a fine-grained token with read-only access to the repos you care about is the right default, and you widen it deliberately when you actually need Claude to write. Treat write access as a decision, not a convenience.

The try-it block adds the remote server with one command and gives you a first prompt to confirm it's live.