GitHub MCP Wrapper

Safe, secure wrapper for GitHub operations integrated with Claude's MCP protocol. Execute repository operations, manage files, handle issues and pull requests—all with environment-variable-protected credentials.

This actor provides a safe interface for GitHub operations through Apify, designed specifically for AI agents and automated workflows. Rather than embedding GitHub tokens in your code, credentials are securely managed through environment variables, preventing accidental exposure in logs or version control systems.

What Does GitHub MCP Wrapper Do?

The GitHub MCP Wrapper enables programmatic access to GitHub repositories and operations through a simple, secure interface. Whether you're automating repository management, creating pull requests, managing issues, or coordinating file operations across multiple repos, this wrapper handles it all without exposing sensitive credentials.

Key Capabilities:

• Repository creation and management (create, update, delete repositories)
• File operations (read, write, update, delete files within repositories)
• Pull request automation (create PRs, merge, close, manage reviews)
• Issue management (create, update, close, label, assign issues)
• Branch operations (create, delete, protect branches)
• Commit operations (create commits with multiple file changes)
• Webhook management for CI/CD integration
• Team and permission management
• Secure credential handling via environment variables only

Key Features (8 Features)

1. Secure Token Management - GitHub tokens stored exclusively in environment variables, never exposed in input parameters or logs
2. Multi-Operation Support - Handle repositories, files, commits, PRs, issues, branches, and webhooks from a single interface
3. Batch File Operations - Modify multiple files in a single commit (useful for automated refactoring or documentation updates)
4. Error Recovery - Graceful handling of rate limits, network errors, and GitHub API failures with automatic retry logic
5. MCP Compatible - Integrates seamlessly with Claude's Model Context Protocol for AI-driven automation
6. Comprehensive Logging - Detailed operation logs for debugging and auditing without compromising security
7. Branch Protection - Enforce required reviews, status checks, and admissibility rules for production branches
8. Webhook Integration - Automate downstream processes by triggering webhooks on repository events

How to Use (Step by Step)

Step 1: Set Up GitHub Token

Before running this actor, configure your GitHub Personal Access Token as an environment variable:

• Go to GitHub Settings → Developer settings → Personal access tokens
• Create a new token with repo, workflow, and admin:repo_hook scopes
• Set the token as an environment variable: GITHUB_TOKEN=ghp_xxxxxx...

Step 2: Define Your Operation

Prepare your input JSON specifying the operation and parameters:

{
  "tool": "create_file",
  "toolInput": {
    "owner": "your-username",
    "repo": "your-repo",
    "path": "src/new-file.js",
    "content": "// New file content",
    "message": "Add new file via automation"
  }
}

Step 3: Run the Actor

Execute the actor with your prepared input. The actor will:

1. Validate your GitHub token exists in environment variables
2. Initialize the GitHub API client (Octokit)
3. Execute your specified operation
4. Return results in structured JSON format
5. Log all operations for audit purposes

Step 4: Handle Results

Process the returned JSON containing:

• Operation status (success/failure)
• Response data from GitHub API
• Any errors or warnings
• Rate limit information for future requests

Input Parameters (Brief Table)

Parameter	Type	Required	Description
tool	string	Yes	Operation to perform (e.g., create_file, create_pr, create_issue)
toolInput	object	Yes	Parameters specific to the operation being performed
owner	string	Yes*	GitHub repository owner (username or org)
repo	string	Yes*	Repository name
path	string	Yes*	File path for file operations
content	string	Yes*	File content for write operations
message	string	Yes*	Commit message for file operations
title	string	Yes*	Title for PR or issue creation
body	string	No	Description body for PR or issue

*Required depending on the specific operation

Output Data (Brief Table)

Field	Type	Description
success	boolean	Whether the operation completed successfully
data	object	GitHub API response data for successful operations
error	string	Error message if operation failed
rateLimit	object	Current GitHub API rate limit status
operationType	string	The operation that was executed
timestamp	string	ISO timestamp of operation completion

Pricing & Performance

Cost per operation: Depends on operation complexity

• Simple file reads: ~$0.02
• File writes (commits): ~$0.05
• PR/Issue creation: ~$0.08
• Batch operations: ~$0.15

Performance:

• File operations: <2 seconds
• PR creation: <5 seconds
• Issue management: <3 seconds
• Rate limits: 5,000 requests/hour for authenticated users

Recommendations:

• Batch file modifications into single commits to avoid rate limiting
• Use caching to avoid redundant GitHub API calls
• Monitor rate limit headers in responses to pace requests appropriately

FAQ (2-3 Questions)

Q: Why must the GitHub token come from environment variables? A: Storing credentials in environment variables prevents accidental exposure in logs, version control history, or error messages. This follows security best practices for handling sensitive authentication tokens.

Q: What GitHub operations are supported? A: All major operations are supported including: repository management, file I/O, commits, pull requests, issues, branches, teams, hooks, and releases. Complex workflows can be composed from individual operations.

Q: How do I handle rate limiting? A: The actor respects GitHub's rate limits (5,000 requests/hour) and includes rate limit info in responses. For heavy workloads, either space out requests or use GitHub's GraphQL API for more efficient queries.

Security Considerations

• Credential Protection: GitHub tokens are NEVER accepted as input parameters—only from environment variables
• Scope Limitation: Request tokens with minimal required permissions (repo, workflow, admin:repo_hook)
• Audit Logging: All operations are logged with timestamps for security auditing
• Error Messages: Never expose token or sensitive data in error messages or logs
• Network Security: All communication with GitHub API uses HTTPS encryption

Integrations & Automation

MCP Compatible: Directly integrate with Claude and other AI agents for automated GitHub workflows.

Webhook Triggers: Configure GitHub webhooks to trigger downstream Apify actors on repository events.

Slack Notifications: Send alerts to Slack when important operations complete (PR merged, issue created, etc.).

CI/CD Integration: Trigger actor runs from GitHub Actions workflows to automate repository maintenance tasks.

Works Great With

• Code Quality Tools - Automate code reviews by creating PRs with automated fixes
• Documentation Generators - Auto-commit generated documentation to docs/ branches
• Release Automation - Create releases and tags automatically based on semantic versioning
• Issue Automation - Create and organize issues from external data sources

---

Security First. Automation Ready. AI-Friendly.

📧 Support · 🔗 GitHub API Docs · 🤖 MCP Integration · 📡 REST API

Built for secure automation workflows with Apify and Claude.