Secure Github Ops
FreeNot checkedEnables safe GitHub automation by queuing write operations for admin approval before execution.
About
Enables safe GitHub automation by queuing write operations for admin approval before execution.
README
Created by Aaron Murillo
An MCP server that makes GitHub automation actually safe. Every write operation needs approval before it runs, so you never have to worry about runaway scripts creating 100 issues while you're grabbing coffee.
What This Does
You know how most automation just... does stuff immediately? This flips that. When you (or an AI) try to create an issue, open a PR, or add a comment, it goes into a pending queue. Then someone with admin access reviews and approves it. Only then does it actually hit GitHub.
Two roles:
- Operators can request actions
- Admins can approve, deny, and see what's pending
Everything gets logged so you have a full audit trail.
Getting Started
You'll need Node 18+ and a GitHub token.
cd secure-github-ops
npm install
cp .env.example .env
Open .env and fill in your stuff:
GITHUB_TOKEN=ghp_your_token_here
ADMIN_API_KEYS=some-secret-admin-key
OPERATOR_API_KEYS=some-secret-operator-key
Then run it:
npm run build
npm start
For dev mode with hot reload:
npm run dev
Using with Claude Desktop
Add this to your Claude Desktop config:
{
"mcpServers": {
"secure-github-ops": {
"command": "node",
"args": ["/path/to/secure-github-ops/dist/index.js"],
"env": {
"GITHUB_TOKEN": "ghp_your_token",
"ADMIN_API_KEYS": "your-admin-key",
"OPERATOR_API_KEYS": "your-operator-key"
}
}
}
}
The Tools
For operators and admins:
- github.issues.create - request to create an issue
- github.pr.open - request to open a PR
- github.comment.add - request to add a comment
Admin only:
- admin.approve_action - approve and run a pending action
- admin.deny_action - reject a pending action
- admin.list_pending_actions - see what's waiting
How It Works
Say an operator wants to create an issue:
// Operator requests it
{
"tool": "github.issues.create",
"arguments": {
"_authToken": "operator-key",
"owner": "myorg",
"repo": "myrepo",
"title": "Fix the login bug"
}
}
// Returns a pending action with an ID
Nothing happened on GitHub yet. Now an admin checks what's pending:
{
"tool": "admin.list_pending_actions",
"arguments": { "_authToken": "admin-key" }
}
// Shows the pending issue request
Admin approves it:
{
"tool": "admin.approve_action",
"arguments": {
"_authToken": "admin-key",
"actionId": "the-uuid-from-before"
}
}
// NOW the issue gets created
Config Options
GITHUB_TOKEN (required) - Your GitHub PAT with repo access
ADMIN_API_KEYS (required) - Comma-separated admin keys
OPERATOR_API_KEYS (optional) - Comma-separated operator keys
ALLOWED_REPOS (optional) - Lock it down to specific repos like owner/repo1,owner/repo2
LOG_LEVEL (optional) - debug, info, warn, error
About the STDIO Transport
This uses STDIO, which means it talks through stdin/stdout. All the logs go to stderr so they don't mess with the protocol. If you're wondering why there's no console.log anywhere, that's why.
Want HTTP instead? That's on the roadmap. The core code stays the same, just swap the transport.
Running Tests
npm test
26 tests covering auth, config, and the pending store.
Docker
docker build -t secure-github-ops .
docker run -e GITHUB_TOKEN=... -e ADMIN_API_KEYS=... secure-github-ops
What's Next
Eventually adding HTTP transport so you can host this as a service. Also thinking about persistent storage for the pending actions (right now they live in memory).
Installing Secure Github Ops
This server has no published package — it is built from source. Open the repository and follow its README.
▸ github.com/AaronMurillo01/secure-github-opsFAQ
Is Secure Github Ops MCP free?
Yes, Secure Github Ops MCP is free — one-click install via Unyly at no cost.
Does Secure Github Ops need an API key?
No, Secure Github Ops runs without API keys or environment variables.
Is Secure Github Ops hosted or self-hosted?
Self-hosted: the server runs locally on your machine via the install command above.
How do I install Secure Github Ops in Claude Desktop, Claude Code or Cursor?
Open Secure Github Ops on unyly.org, pick your client tab (Claude Desktop, Claude Code, Cursor) and press Install — the config is generated automatically, no JSON editing.
Related MCPs
GitHub
PRs, issues, code search, CI status
by GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
by mcpdotdirectCompare Secure Github Ops with
Not sure what to pick?
Find your stack in 60 seconds
Author?
Embed badge for your README
Browse similar
All development MCPs
