[Skip to main content](https://glama.ai/mcp/servers/@rajbos/<#main-content>)
[Glama](https://glama.ai/mcp/servers/@rajbos/</>)
[Chat](https://glama.ai/mcp/servers/@rajbos/</chat>)[MCP](https://glama.ai/mcp/servers/@rajbos/</mcp>)[Gateway](https://glama.ai/mcp/servers/@rajbos/</gateway>)[Models](https://glama.ai/mcp/servers/@rajbos/</models>)[Pricing](https://glama.ai/mcp/servers/@rajbos/</pricing>)[Community](https://glama.ai/mcp/servers/@rajbos/</discord>)[Sign In](https://glama.ai/mcp/servers/@rajbos/</sign-in>)
[Chat](https://glama.ai/mcp/servers/@rajbos/</chat>)MCP[Gateway](https://glama.ai/mcp/servers/@rajbos/</gateway>)[Models](https://glama.ai/mcp/servers/@rajbos/</models>)[Pricing](https://glama.ai/mcp/servers/@rajbos/</pricing>)[Community](https://glama.ai/mcp/servers/@rajbos/</discord>)[Sign In](https://glama.ai/mcp/servers/@rajbos/</sign-in>)
[Glama](https://glama.ai/mcp/servers/@rajbos/</>)
[MCP](https://glama.ai/mcp/servers/@rajbos/</mcp>)
[Servers](https://glama.ai/mcp/servers/@rajbos/</mcp/servers>)
[en](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#readme-md> "English")[es](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=es-ES#readme-md> "Spanish")[ja](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=ja-JP#readme-md> "Japanese")[ko](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=ko-KR#readme-md> "Korean")[zh](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=zh-CN#readme-md> "Chinese")
[English](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#readme-md> "English")[Spanish](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=es-ES#readme-md> "Spanish")[Japanese](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=ja-JP#readme-md> "Japanese")[Korean](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=ko-KR#readme-md> "Korean")[Chinese](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server?locale=zh-CN#readme-md> "Chinese")
# GHAS MCP server (GitHub Advanced Security)
by [rajbos](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/rajbos>)
[GitHub](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/rajbos/ghas-mcp-server>)
  * [Security](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/security-and-iam>)
  * [Monitoring](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/monitoring>)
  * [Code Analysis](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/code-analysis>)


[TypeScript](https://glama.ai/mcp/servers/@rajbos/</mcp/servers?attributes=language%3Atypescript>)
5
[Overview](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server>)[InspectNew](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server/inspect>)[Schema](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server/schema>)[Related Servers](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server/related-servers>)[Reviews](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server/reviews>)[Score](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server/score>)
[Need Help?](https://glama.ai/mcp/servers/@rajbos/</mcp/discord>)[View Source Code](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/rajbos/ghas-mcp-server>)[Report Issue](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/punkpeye/awesome-mcp-servers/issues/new?body=Server%3A+GHAS+MCP+server+%28GitHub+Advanced+Security%29%0AURL%3A+https%3A%2F%2Fgithub.com%2Frajbos%2Fghas-mcp-server%0AAuthor%3A+%40rajbos%0A%0A---%0A%0A&labels=glama+server+listing&title=%5BGHAS+MCP+server+%28GitHub+Advanced+Security%29%5D+>)
## ghas-mcp-server
MCP server to make calls to GHAS for GitHub repositories.
Currently this has the following tools that are supported:
  * list_dependabot_alerts: List all dependabot alerts for a repository
  * list_secret_scanning_alerts: List all secret scanning alerts for a repository
  * list_code_scanning_alerts: List all code scanning alerts for a repository


Make sure to add these three scopes (read only) to the configured PAT and for the correct organization as well!
## Install in VS Code and VS Code Insiders
Use the buttons to install the server in your VS Code or VS Code Insiders environment. Make sure to read the link before you trust it! The links go to `vscode.dev` and `insiders.vscode.dev` and contain instructions to install the server. 
VS Code will let you see the configuration before anything happens:
[](https://glama.ai/mcp/servers/@rajbos/<https:/vscode.dev/redirect?url=vscode%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522ghas-mcp-server%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522-y%2522%252C%2522%2540rajbos%252Fghas-mcp-server%2522%255D%252C%2522env%2522%253A%257B%2522GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI%2522%253A%2522true%2522%257D%257D>) [](https://glama.ai/mcp/servers/@rajbos/<https:/insiders.vscode.dev/redirect?url=vscode-insiders%3Amcp%2Finstall%3F%257B%2522name%2522%253A%2522ghas-mcp-server%2522%252C%2522command%2522%253A%2522npx%2522%252C%2522args%2522%253A%255B%2522-y%2522%252C%2522%2540rajbos%252Fghas-mcp-server%2522%255D%252C%2522env%2522%253A%257B%2522GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI%2522%253A%2522true%2522%257D%257D>)
## Example configuration
Add the configurations below to your MCP config in the editor. 
### Secure option: use the authenticated GitHub CLI
Instead of storing a Personal Access Token (see next section), you can also use the authenticated GitHub CLI. This will use the credentials you have configured in your GitHub CLI. This is useful when you have the GitHub CLI installed and already authenticated.
To use the GitHub CLI for authentication, follow the steps below:
  * Add `"GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI": "true"` to your environment variables.
  * Ensure you have the GitHub CLI installed and authenticated by running `gh auth login`.


Configuration: 
Copy
{ "mcp": { "inputs": [ ] }, "servers": { "ghas-mcp-server": { "command": "npx", "args": [ "-y", "@rajbos/ghas-mcp-server" ], "env": { "GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI": "true" } } } }
### Configuration with a personal access token
For VS Code it would look like this:
Copy
{ "mcp": { "inputs": [ { "id": "github_personal_access_token", "description": "GitHub Personal Access Token", "type": "promptString", "password": true } ] }, "servers": { "ghas-mcp-server": { "command": "npx", "args": [ "-y", "@rajbos/ghas-mcp-server" ], "env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "${input:github_personal_access_token}" } } } }
## Results
## Contributing
Contributions are welcome! If you have ideas for new tools or improvements, please open an issue or submit a pull request.
### Quick Start
Copy
# Install dependencies npm install # Build the project npm run build 
### Project Structure
Copy
ghas-mcp-server/ ├── src/ │ ├── operations/ # MCP Tools │ │ └── security.ts │ └── index.ts # Server entry point ├── package.json └── tsconfig.json
### Adding Components
The project comes with the GHAS tools in `src/operations/security.ts`.
### Building
  1. Make changes to your tools
  2. Run `npm run build` to compile
  3. The server will automatically load your tools on startup


#### Testing the local build
You can test your local build by configuring the locally build version with the following MCP config:
Copy
"servers": { "ghas-mcp-server": { "command": "node", "args": [ "C:/Users/RobBos/Code/Repos/rajbos/ghas-mpc-server/dist/index.js" ], "env": { "GITHUB_PERSONAL_ACCESS_TOKEN_USE_GHCLI": "true" } } }
Don't forget to change the path to your local build and build the project first!
### Learn More
  * [MCP Framework Github](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/QuantGeekDev/mcp-framework>)
  * [MCP Framework Docs](https://glama.ai/mcp/servers/@rajbos/<https:/mcp-framework.com>)


Install Server
This server [cannot be installed](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server/score>)
-
security - not tested
-
license - not tested
-
quality - not tested
hybrid server
The server is able to function both locally and remotely, depending on the configuration or use case.
This server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts
  1. [Install in VS Code and VS Code Insiders](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#install-in-vs-code-and-vs-code-insiders>)
  2. [Example configuration](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#example-configuration>)
    1. [Secure option: use the authenticated GitHub CLI](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#secure-option-use-the-authenticated-git-hub-cli>)
    2. [Configuration with a personal access token](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#configuration-with-a-personal-access-token>)
  3. [Results](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#results>)
  4. [Contributing](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#contributing>)
    1. [Quick Start](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#quick-start>)
    2. [Project Structure](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#project-structure>)
    3. [Adding Components](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#adding-components>)
    4. [Building](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#building>)
    5. [Learn More](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@rajbos/ghas-mcp-server#learn-more>)


#### Related MCP Servers
  * ## [mcp-snyk](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@Sladey01/mcp-snyk>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/security-and-iam>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/developer-tools>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/testing-and-qa-tools>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/remote-capable>)
[Sladey01](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/Sladey01>)
-
security
F
license
-
quality
A standalone Model Context Protocol server for Snyk security scanning functionality.
Last updated -
2
1
JavaScript
  * ## [ClickUp MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@Nazruden/clickup-mcp-server>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/project-management>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/app-automation>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/remote-capable>)
[Nazruden](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/Nazruden>)
A
security
A
license
A
quality
This server integrates AI assistants with ClickUp workspaces, enabling task, team, list, and board management through a secure OAuth2 authentication process.
Last updated -
5
56
7
TypeScript
MIT License
    * Apple
  * ## [GitHub MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@timbuchinger/mcp-github>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/version-control>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/developer-tools>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/remote-capable>)
[timbuchinger](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/timbuchinger>)
-
security
F
license
-
quality
Enables interaction with GitHub issues via the Model Context Protocol, allowing users to list and create issues with secure authentication.
Last updated -
Python
  * ## [Snyk MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@sammcj/mcp-snyk>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/security-and-iam>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/testing-and-qa-tools>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/developer-tools>)
    * [](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/categories/hybrid>)
[sammcj](https://glama.ai/mcp/servers/@rajbos/<https:/github.com/sammcj>)
-
security
F
license
-
quality
A standalone server enabling Snyk security scanning through the Model Context Protocol, with support for repository and project analysis, token verification, and CLI integration.
Last updated -
1
JavaScript


[View all related MCP servers](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/rajbos/ghas-mcp-server/related-servers>)
#### Appeared in Searches
  * [A platform for hosting and sharing code](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/search/a-platform-for-hosting-and-sharing-code>)
  * [Using separate agents for schema validation, code standards, and directory structure enforcement in development workflows](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/search/using-separate-agents-for-schema-validation-code-standards-and-directory-structure-enforcement-in-development-workflows>)
  * [Information about Git, a version control system](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/search/information-about-git-a-version-control-system>)
  * [A database for looking up CVEs on the National Vulnerability Database](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/search/a-database-for-looking-up-cves-on-the-national-vulnerability-database>)
  * [Getting Help with GitHub Actions Workflow Coding](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/search/getting-help-with-git-hub-actions-workflow-coding>)


#### New MCP Servers
  * [k8s-pilot](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@bourbonkk/k8s-pilot>)
  * [OpenAI-Redis Conversation System](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@Gaya56/ai-session-mcp>)
  * [CloudWatch MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@CharlieFng/cloudwatch-mcp>)
  * [Cloud TPU API MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@ag2-mcp-servers/cloud-tpu-api>)
  * [Stellastra MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@ag2-mcp-servers/stellastra>)
  * [OKX MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@PJ-TST-238819/mcp>)
  * [Claude Web Search MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@Doriandarko/claude-search-mcp>)
  * [MySQL Navigator MCP](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@Medsaad/mcp-db-navigator>)
  * [Traffic Director MCP Server](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@ag2-mcp-servers/traffic-director-api>)
  * [NASA-MCP](https://glama.ai/mcp/servers/@rajbos/</mcp/servers/@AnCode666/nasa-mcp>)


ID: ko542m3922
Was this helpful?
YesNo
#### MCP
  * [MCP servers](https://glama.ai/mcp/servers/@rajbos/</mcp/servers>)
  * [MCP clients](https://glama.ai/mcp/servers/@rajbos/</mcp/clients>)
  * [MCP tools](https://glama.ai/mcp/servers/@rajbos/</mcp/tools>)
  * [MCP API](https://glama.ai/mcp/servers/@rajbos/</mcp/api>)


#### Gateway
  * [Documentation](https://glama.ai/mcp/servers/@rajbos/</gateway/docs>)
  * [API Reference](https://glama.ai/mcp/servers/@rajbos/</gateway/reference>)
  * [LLM router](https://glama.ai/mcp/servers/@rajbos/</gateway>)
  * [LLM models](https://glama.ai/mcp/servers/@rajbos/</models>)


#### Policies
  * [Terms of Service](https://glama.ai/mcp/servers/@rajbos/</policies/terms-of-service>)
  * [Privacy Policy](https://glama.ai/mcp/servers/@rajbos/</policies/privacy-policy>)
  * [Security Policy](https://glama.ai/mcp/servers/@rajbos/</policies/security-policy>)


#### Resources
  * [Support](https://glama.ai/mcp/servers/@rajbos/</support>)
  * [Pricing](https://glama.ai/mcp/servers/@rajbos/</pricing>)
  * [Careers](https://glama.ai/mcp/servers/@rajbos/</careers>)
  * [Blog](https://glama.ai/mcp/servers/@rajbos/</blog>)


[Glama](https://glama.ai/mcp/servers/@rajbos/</>) – all-in-one AI workspace.
[All systems online](https://glama.ai/mcp/servers/@rajbos/</status>)[Discord](https://glama.ai/mcp/servers/@rajbos/</discord>)[](https://glama.ai/mcp/servers/@rajbos/<https:/reddit.com/r/glama>)[X](https://glama.ai/mcp/servers/@rajbos/<https:/x.com/glama_ai>)


MCP server to make calls to GHAS for GitHub repositories. This server integrates with GitHub Advanced Security to load security alerts and bring them into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts.

ghas-mcp-serverServer

💡 Description

📝 JSON Entries

🛠️ Tools

⚡ Features

💬 Example Queries