Secure Github Ops

🚀 Secure GitHub Ops MCP Server

An MCP server that enhances the safety of GitHub automation. Every write operation requires approval before execution, preventing the risk of runaway scripts causing chaos while you take a break.

🚀 Quick Start

You'll need Node 18+ and a GitHub token.

cd secure-github-ops
npm install
cp .env.example .env

Open .env and fill in your details:

GITHUB_TOKEN=ghp_your_token_here
ADMIN_API_KEYS=some-secret-admin-key
OPERATOR_API_KEYS=some-secret-operator-key

Then run it:

npm run build
npm start

For dev mode with hot reload:

npm run dev

✨ Features

• Approval - based System: Every write operation, such as creating an issue, opening a PR, or adding a comment, goes into a pending queue and requires admin approval before hitting GitHub.
• Two - role System: Operators can request actions, while admins can approve, deny, and view pending actions.
• Logging: All operations are logged, providing a full audit trail.

💻 Usage Examples

Using with Claude Desktop

Add this to your Claude Desktop config:

{
  "mcpServers": {
    "secure-github-ops": {
      "command": "node",
      "args": ["/path/to/secure-github-ops/dist/index.js"],
      "env": {
        "GITHUB_TOKEN": "ghp_your_token",
        "ADMIN_API_KEYS": "your-admin-key",
        "OPERATOR_API_KEYS": "your-operator-key"
      }
    }
  }
}

Operator Requests to Create an Issue

// Operator requests it
{
  "tool": "github.issues.create",
  "arguments": {
    "_authToken": "operator-key",
    "owner": "myorg",
    "repo": "myrepo",
    "title": "Fix the login bug"
  }
}
// Returns a pending action with an ID

Admin Checks Pending Actions

{
  "tool": "admin.list_pending_actions",
  "arguments": { "_authToken": "admin-key" }
}
// Shows the pending issue request

Admin Approves a Pending Action

{
  "tool": "admin.approve_action",
  "arguments": {
    "_authToken": "admin-key",
    "actionId": "the-uuid-from-before"
  }
}
// NOW the issue gets created

📚 Documentation

The Tools

For Operators and Admins

• github.issues.create - Request to create an issue.
• github.pr.open - Request to open a PR.
• github.comment.add - Request to add a comment.

Admin only

• admin.approve_action - Approve and run a pending action.
• admin.deny_action - Reject a pending action.
• admin.list_pending_actions - See what's waiting.

Config Options

• GITHUB_TOKEN (required) - Your GitHub PAT with repo access.
• ADMIN_API_KEYS (required) - Comma - separated admin keys.
• OPERATOR_API_KEYS (optional) - Comma - separated operator keys.
• ALLOWED_REPOS (optional) - Lock it down to specific repos like owner/repo1,owner/repo2.
• LOG_LEVEL (optional) - debug, info, warn, error.

About the STDIO Transport

This uses STDIO, which means it communicates through stdin/stdout. All the logs go to stderr so they don't interfere with the protocol. If you're wondering why there's no console.log anywhere, that's the reason.

Want HTTP instead? That's on the roadmap. The core code stays the same; just swap the transport.

🔧 Technical Details

The system operates by first receiving requests from operators. These requests are placed in a pending queue. Admins can then review the pending actions using the admin.list_pending_actions tool. When an admin approves an action with admin.approve_action, the corresponding operation is executed on GitHub. All operations are logged for auditing purposes. The current implementation uses in - memory storage for pending actions, and there are plans to add persistent storage in the future.

📦 Installation

Local Installation

Follow the steps in the "Quick Start" section to install and run the application locally.

Docker Installation

docker build -t secure-github-ops .
docker run -e GITHUB_TOKEN=... -e ADMIN_API_KEYS=... secure-github-ops

Running Tests

npm test

There are 26 tests covering auth, config, and the pending store.

What's Next

• Eventually adding HTTP transport so you can host this as a service.
• Considering persistent storage for the pending actions (currently they live in memory).