An MCP (Model Context Protocol) server enabling LLMs and AI agents to interact with Git repositories. Provides tools for comprehensive Git operations including clone, commit, branch, diff, log, status, push, pull, merge, rebase, worktree, tag management, and more, via the MCP standard. STDIO & HTTP.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"git-mcp-server": {
"env": {
"LOGS_DIR": "~/Developer/logs/git-mcp-server/",
"GIT_EMAIL": "casey@caseyjhand.com",
"GIT_BASE_DIR": "~/Developer/",
"GIT_USERNAME": "cyanheads",
"MCP_LOG_LEVEL": "info",
"GIT_SIGN_COMMITS": "true",
"MCP_TRANSPORT_TYPE": "stdio"
},
"args": [
"@cyanheads/git-mcp-server@latest"
],
"type": "stdio",
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Works with both Bun and Node.js. Runtime is auto-detected.
This server supports HTTP transport. Be the first to test it — help the community know if it works.
Five weighted categories — click any category to see the underlying evidence.
@cyanheads/git-mcp-server vulnerable to command injection in several tools
### Summary A command injection vulnerability exists in the `git-mcp-server` MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to `child_process.exec`, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possib
Click any tool to inspect its schema.
Git Working DirectoryThe current session working directory, set via git_set_working_dir
git://working-directory
Git Wrap-upWorkflow protocol for completing git sessions: review, document, commit, and tag changes
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in developer-tools
A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
Copy/paste detector for programming source code, supports 223 formats. AI-ready with token-efficient reporter, skill and MCP server.
XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.
Manage Supabase projects — databases, auth, storage, and edge functions
MCP Security Weekly
Get CVE alerts and security updates for Git Mcp Server and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
A Git MCP server for AI agents. STDIO & Streamable HTTP.
28 git operations organized into seven categories:
| Category | Tools | Description |
|---|---|---|
| Repository Management | git_init, git_clone, git_status, git_clean | Initialize repos, clone from remotes, check status, clean untracked files |
| Staging & Commits | git_add, git_commit, git_diff | Stage changes, create commits, compare changes |
| History & Inspection | git_log, git_show, git_blame, git_reflog | View commit history, inspect objects, trace authorship, view ref logs |
| Analysis | git_changelog_analyze | Gather git context and instructions for LLM-driven changelog analysis |
| Branching & Merging | git_branch, git_checkout, git_merge, git_rebase, git_cherry_pick | Manage branches, switch contexts, integrate changes, apply specific commits |
| Remote Operations | git_remote, git_fetch, git_pull, git_push | Configure remotes, fetch updates, synchronize repositories, publish changes |
| Advanced Workflows | git_tag, git_stash, git_reset, git_worktree, git_set_working_dir, git_clear_working_dir, git_wrapup_instructions | Tag releases (list/create/delete/verify), stash changes, reset state, manage worktrees, set/clear session directory |
| Resource | URI | Description |
|---|---|---|
| Git Working Directory | `git:/ |