Open
Description
Describe the feature or problem you’d like to solve
Add support for managing users SSH key related operations:
List users' SSH keys
Get details about a user's SSH key
Add a public key
Proposed solution
How will it benefit GitHub MCP Server and its users?
Adding these features will benefit the GitHub MCP Server and its users by allowing them to manage and debug issues related to SSH keys associated with their GitHub account.
Users will be able to effectively manage their SSH keys which can help in resolving frequent permission denied errors encountered during git operations (pull/push etc).
Additional context
The motivation behind adding these tools is to ensure users have their SSH keys correctly configured, as we receive numerous requests concerning permission denied messages.
Metadata
Metadata
Assignees
Labels
Type
Projects
Milestone
Relationships
Participants
Activity
[-]Add support for managing users' SSH key related operations:[/-][+]Add support for managing users SSH key related operations[/+]SamMorrowDrums commentedon Jun 7, 2025
Hey thanks for this, I am little concerned to add this because in all honesty the risk of Indirect Prompt Injection being exploitable is made much worse by being able to trick an agent into setting SSH keys on an account to get access to all private repos.
So I am not sure we would be able to integrate the change.
Retrieving public keys is ok but private is a can of worms with MCP security.
glendsoza commentedon Jun 8, 2025
Hi, thanks for taking the time to review
I agree that there is a risk of prompt injection when adding a private key to the account.
With that being said, if I remove the tool to add_users_public_ssh_key, will this enhancement be considered then?
SamMorrowDrums commentedon Jun 8, 2025
I was thinking that at first, but I'd like to check internally with some folks.