Skip to content

GitHub

Connect Pencel to GitHub so your agents can work with repositories, issues, pull requests, and code. This is a verified integration maintained by the MCP protocol team, making it one of the most reliable connections available.

Trust LevelVerified
TransportBuiltin
Package@modelcontextprotocol/server-github
OAuthEmbedded (Device Flow)
ActivationAuto-connect recommended

What Your Agent Can Do

Once connected, your agents have access to a wide range of GitHub tools:

Repositories

  • Search across your repositories.
  • Read file contents and directory listings.
  • Create or update files with commit messages.
  • List branches and tags.

Issues

  • Create new issues with labels and assignees.
  • Read and search existing issues.
  • Add comments to issues.
  • Close or reopen issues.

Pull Requests

  • List open pull requests.
  • Read PR details, diffs, and review comments.
  • Create new pull requests.
  • Add review comments.

Other

  • Search code across repositories.
  • Read organization and team information.
  • Access repository metadata (stars, forks, last updated).

Setup

Pencel supports GitHub OAuth via the Device Flow — no need to create or manage tokens.

  1. Open Settings > Connections.
  2. Click Add Connection and select GitHub from the catalog.
  3. Click Connect — Pencel displays a device code.
  4. Open the link shown (github.com/login/device) in your browser.
  5. Enter the device code and authorize Pencel.
  6. Return to Pencel. Your connection card shows "Connected."

Pencel requests repo, read:org, and read:user scopes during authorization.

Option B: Personal Access Token (Manual)

If you prefer to manage credentials yourself:

Step 1: Create a Personal Access Token

  1. Go to github.com/settings/tokens and click Generate new token (classic).
  2. Give it a descriptive name like "Pencel Agent."
  3. Set an expiration (90 days is a good balance between security and convenience).
  4. Select the scopes your workflows need:
    • repo — full access to private and public repositories
    • read:org — read organization membership (optional)
    • read:user — read user profile data (optional)
  5. Click Generate token and copy it immediately.

WARNING

Your token is shown only once. If you lose it, you need to generate a new one. Pencel stores it securely in your operating system's keychain.

Step 2: Add the Connection in Pencel

  1. Open Settings > Connections.
  2. Click Add Connection and select GitHub from the catalog.
  3. Paste your Personal Access Token into the credential field.
  4. Click Connect.

Pencel connects and discovers the available tools. You see the tool count on your connection card.

TIP

If you work with multiple GitHub organizations, create separate connections with tokens scoped to each org. Name them clearly — "GitHub (Engineering)" and "GitHub (Open Source)" — so your agents pick the right one.

Example: Weekly Code Review Summary

Imagine you want a weekly digest of all open pull requests across your team's repositories.

Workflow setup:

  1. Create a workflow called "Weekly Code Review Summary."
  2. Add a step with these instructions:

List all open pull requests in the repos: acme/backend, acme/frontend, and acme/infrastructure. For each PR, note the title, author, how long it has been open, and whether it has any review comments. Group them by repo and flag any PRs open longer than 5 days. Save the summary as a markdown file in the workspace.

  1. Schedule the workflow to run every Monday at 9:00 AM.

The agent pulls PR data from all three repos, organizes it into a readable report, and saves it — giving your team lead a quick view of what needs attention.

Example: Auto-Triage New Issues

Watch the acme/backend repository for issues created in the last 24 hours that have no labels. Read each issue's title and description, then add appropriate labels (bug, feature, question, documentation). If the issue mentions "urgent" or "production," also add the "priority:high" label and post a comment tagging @oncall-team.

This keeps your issue tracker organized without anyone manually sorting through new submissions.

Permissions and Security

GitHub tokens grant broad access. Follow these best practices:

  • Use fine-grained tokens when possible (GitHub's newer token format lets you limit access to specific repositories).
  • Set expiration dates — do not create tokens that never expire.
  • Rotate tokens every 90 days.
  • Use read-only scopes if your agents only need to read data. Remove the repo write scope if you do not need it.

INFO

Pencel logs every tool call your agent makes, including GitHub operations. You can review exactly which repositories and endpoints were accessed in the Runs panel.

Troubleshooting

ProblemSolution
"Bad credentials" errorYour token may be expired or revoked. Reconnect via OAuth or generate a new token at github.com/settings/tokens.
Cannot see private reposMake sure your token has the repo scope, or re-authorize via OAuth.
Rate limit exceededGitHub allows 5,000 requests per hour per token. If your agents hit this, spread runs across multiple tokens or reduce frequency.
"Not found" on a repo you ownCheck that the token's owner has access to the repository. Org repos may require SSO authorization.
Device code flow failsMake sure you enter the code at github.com/login/device before it expires (codes are valid for 15 minutes).