You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+8-3Lines changed: 8 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -983,9 +983,10 @@ The following sets of tools are available:
983
983
-`fields`: Specific list of field IDs to include in the response when getting a project item (e.g. ["102589", "985201", "169875"]). If not provided, only the title field is included. Only used for 'get_project_item' method. (string[], optional)
984
984
-`item_id`: The item's ID. Required for 'get_project_item' method. (number, optional)
985
985
-`method`: The method to execute (string, required)
986
-
-`owner`: The owner (user or organization login). The name is not case sensitive. (string, required)
986
+
-`owner`: The owner (user or organization login). The name is not case sensitive. (string, optional)
987
987
-`owner_type`: Owner type (user or org). If not provided, will be automatically detected. (string, optional)
988
-
-`project_number`: The project's number. (number, required)
988
+
-`project_number`: The project's number. (number, optional)
989
+
-`status_update_id`: The node ID of the project status update. Required for 'get_project_status_update' method. (string, optional)
989
990
990
991
-**projects_list** - List GitHub Projects resources
991
992
-**Required OAuth Scopes**: `read:project`
@@ -997,11 +998,12 @@ The following sets of tools are available:
997
998
-`owner`: The owner (user or organization login). The name is not case sensitive. (string, required)
998
999
-`owner_type`: Owner type (user or org). If not provided, will automatically try both. (string, optional)
999
1000
-`per_page`: Results per page (max 50) (number, optional)
1000
-
-`project_number`: The project's number. Required for 'list_project_fields'and 'list_project_items' methods. (number, optional)
1001
+
-`project_number`: The project's number. Required for 'list_project_fields', 'list_project_items', and 'list_project_status_updates' methods. (number, optional)
1001
1002
-`query`: Filter/query string. For list_projects: filter by title text and state (e.g. "roadmap is:open"). For list_project_items: advanced filtering using GitHub's project filtering syntax. (string, optional)
1002
1003
1003
1004
-**projects_write** - Modify GitHub Project items
1004
1005
-**Required OAuth Scopes**: `project`
1006
+
-`body`: The body of the status update (markdown). Used for 'create_project_status_update' method. (string, optional)
1005
1007
-`issue_number`: The issue number (use when item_type is 'issue' for 'add_project_item' method). Provide either issue_number or pull_request_number. (number, optional)
1006
1008
-`item_id`: The project item ID. Required for 'update_project_item' and 'delete_project_item' methods. (number, optional)
1007
1009
-`item_owner`: The owner (user or organization) of the repository containing the issue or pull request. Required for 'add_project_item' method. (string, optional)
@@ -1012,6 +1014,9 @@ The following sets of tools are available:
1012
1014
-`owner_type`: Owner type (user or org). If not provided, will be automatically detected. (string, optional)
1013
1015
-`project_number`: The project's number. (number, required)
1014
1016
-`pull_request_number`: The pull request number (use when item_type is 'pull_request' for 'add_project_item' method). Provide either issue_number or pull_request_number. (number, optional)
1017
+
-`start_date`: The start date of the status update in YYYY-MM-DD format. Used for 'create_project_status_update' method. (string, optional)
1018
+
-`status`: The status of the project. Used for 'create_project_status_update' method. (string, optional)
1019
+
-`target_date`: The target date of the status update in YYYY-MM-DD format. Used for 'create_project_status_update' method. (string, optional)
1015
1020
-`updated_field`: Object consisting of the ID of the project field to update and the new value for the field. To clear the field, set value to null. Example: {"id": 123456, "value": "New Value"}. Required for 'update_project_item' method. (object, optional)
Copy file name to clipboardExpand all lines: docs/server-configuration.md
+54-1Lines changed: 54 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,6 +9,7 @@ We currently support the following ways in which the GitHub MCP Server can be co
9
9
|---------------|---------------|--------------|
10
10
| Toolsets |`X-MCP-Toolsets` header or `/x/{toolset}` URL |`--toolsets` flag or `GITHUB_TOOLSETS` env var |
11
11
| Individual Tools |`X-MCP-Tools` header |`--tools` flag or `GITHUB_TOOLS` env var |
12
+
| Exclude Tools |`X-MCP-Exclude-Tools` header |`--exclude-tools` flag or `GITHUB_EXCLUDE_TOOLS` env var |
12
13
| Read-Only Mode |`X-MCP-Readonly` header or `/readonly` URL |`--read-only` flag or `GITHUB_READ_ONLY` env var |
13
14
| Dynamic Mode | Not available |`--dynamic-toolsets` flag or `GITHUB_DYNAMIC_TOOLSETS` env var |
14
15
| Lockdown Mode |`X-MCP-Lockdown` header |`--lockdown-mode` flag or `GITHUB_LOCKDOWN_MODE` env var |
@@ -20,10 +21,12 @@ We currently support the following ways in which the GitHub MCP Server can be co
20
21
21
22
## How Configuration Works
22
23
23
-
All configuration options are **composable**: you can combine toolsets, individual tools, dynamic discovery, read-only mode and lockdown mode in any way that suits your workflow.
24
+
All configuration options are **composable**: you can combine toolsets, individual tools, excluded tools, dynamic discovery, read-only mode and lockdown mode in any way that suits your workflow.
24
25
25
26
Note: **read-only** mode acts as a strict security filter that takes precedence over any other configuration, by disabling write tools even when explicitly requested.
26
27
28
+
Note: **excluded tools** takes precedence over toolsets and individual tools — listed tools are always excluded, even if their toolset is enabled or they are explicitly added via `--tools` / `X-MCP-Tools`.
29
+
27
30
---
28
31
29
32
## Configuration Examples
@@ -170,6 +173,56 @@ Enable entire toolsets, then add individual tools from toolsets you don't want f
170
173
171
174
---
172
175
176
+
### Excluding Specific Tools
177
+
178
+
**Best for:** Users who want to enable a broad toolset but need to exclude specific tools for security, compliance, or to prevent undesired behavior.
179
+
180
+
Listed tools are removed regardless of any other configuration — even if their toolset is enabled or they are individually added.
0 commit comments