GitHub MCP Server secret scanning ships to general availability
TL;DR - Secret scanning in the GitHub MCP Server is now GA. MCP-compatible agents can detect exposed credentials in local changes before a commit lands or a PR opens. Detection behaviour follows your existing push protection configuration, so there is no separate policy to maintain.
What happened
GitHub MCP Server is GitHub's Model Context Protocol endpoint - it lets MCP-compatible AI agents and IDE workflows talk directly to GitHub features. On 5 May 2026, GitHub moved secret scanning inside that server to general availability.
The goal is simple: catch leaked credentials before they reach a remote branch. An MCP-compatible AI coding agent or IDE can now call the scanning tooling on staged or in-progress changes, flagging secrets at the point of authorship rather than at push time.
One thing worth getting right on the platform side: the MCP server secret scanning tools honour your existing push protection customisation, including bypass workflows. That means the behaviour you've already tuned at the repo and org level carries through automatically. No parallel policy configuration.
"Secret scanning tools in the MCP server now honor your existing push protection customization"
Secret leakage remains one of the fastest real-world paths to cloud account compromise, and AI-assisted coding raises the odds of accidental credential inclusion - autocomplete doesn't know your .env file is private. Pushing scanning into the agent edit loop is the right direction. For broader context on managing this risk, see our secrets management research hub and the API key security guide.
Who is impacted
- Organisations using GitHub secret scanning and wanting it surfaced inside MCP-enabled developer workflows.
- Repositories with GitHub Secret Protection enabled - GitHub explicitly scopes this feature to repos where Secret Protection is active.
- Teams adopting MCP-compatible AI coding agents or IDEs, including GitHub Copilot CLI and Visual Studio Code with Copilot Chat.
What to do now
- Follow GitHub's setup guidance for enabling secret scanning via the GitHub MCP server in your developer environment.
- Confirm that every repo which should benefit actually has GitHub Secret Protection enabled - the feature is gated on that.
- Review your org and repo push protection customisation and bypass workflows. MCP scanning will follow those same rules, so tighten anything you've left loose.
- If you want the dedicated secret scanning experience, GitHub offers an optional Advanced Security plugin path:
  - In GitHub Copilot CLI: run `/plugin install advanced-security@copilot-plugins`.
  - In Visual Studio Code: install the advanced-security agent plugin, then invoke `/secret-scanning` in Copilot Chat.
- Set a team norm for agent-assisted development: ask the agent to scan staged or current changes for secrets before committing, then address the specific files and lines it flags.
- Treat any detection as a potential exposure until you've confirmed otherwise. If a real credential was committed or shared, rotate it immediately via your provider's standard process and audit recent usage.
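A way to check the second and third points above across many repos at once, as an added example for this article (not GitHub's own code or tooling): the script reads the `security_and_analysis` object that the GitHub REST API returns in a repository object (GET /repos/{owner}/{repo}, and list endpoints such as GET /orgs/{org}/repos) and lists repos where secret scanning or push protection is not enabled. It assumes the `secret_scanning` and `secret_scanning_push_protection` statuses in that object reflect the Secret Protection and push protection settings the article refers to. The JSON payload is constructed for illustration; the `acme/*` repo names are hypothetical.

```python
"""Audit repositories for Secret Protection and push protection status.

Added example, not GitHub's code. Assumption: the secret_scanning and
secret_scanning_push_protection entries of the REST API's
security_and_analysis object reflect the Secret Protection and push
protection settings that gate and shape MCP secret scanning.
"""
import json
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample in the shape of the API's repository objects, trimmed to
# the fields used here. The last repo omits security_and_analysis to model a
# caller whose token cannot read those settings.
SAMPLE_REPOS_JSON = """
[
  {"full_name": "acme/payments",
   "security_and_analysis": {
     "secret_scanning": {"status": "enabled"},
     "secret_scanning_push_protection": {"status": "enabled"}}},
  {"full_name": "acme/legacy-billing",
   "security_and_analysis": {
     "secret_scanning": {"status": "disabled"},
     "secret_scanning_push_protection": {"status": "disabled"}}},
  {"full_name": "acme/infra",
   "security_and_analysis": {
     "secret_scanning": {"status": "enabled"},
     "secret_scanning_push_protection": {"status": "disabled"}}},
  {"full_name": "acme/docs"}
]
"""


@dataclass(frozen=True)
class RepoStatus:
    full_name: str
    secret_scanning: str  # "enabled", "disabled" or "unknown"
    push_protection: str  # same values


def _status(sa: Optional[dict], key: str) -> str:
    """Read one status field; anything missing or malformed is 'unknown'."""
    if not sa or not isinstance(sa.get(key), dict):
        return "unknown"
    return sa[key].get("status", "unknown")


def repo_status(repo: dict) -> RepoStatus:
    sa = repo.get("security_and_analysis")
    return RepoStatus(
        full_name=repo["full_name"],
        secret_scanning=_status(sa, "secret_scanning"),
        push_protection=_status(sa, "secret_scanning_push_protection"),
    )


def audit_repos(repos: List[dict]) -> Dict[str, List[str]]:
    """Group repo names by what is missing.

    MCP secret scanning is gated on Secret Protection and inherits the push
    protection rules, so a repo lacking either will not behave as expected.
    Repos whose settings cannot be read are listed separately rather than
    silently treated as compliant.
    """
    findings: Dict[str, List[str]] = {
        "no_secret_protection": [],
        "no_push_protection": [],
        "unknown": [],
    }
    for repo in repos:
        s = repo_status(repo)
        if s.secret_scanning == "unknown" and s.push_protection == "unknown":
            findings["unknown"].append(s.full_name)
            continue
        if s.secret_scanning != "enabled":
            findings["no_secret_protection"].append(s.full_name)
        if s.push_protection != "enabled":
            findings["no_push_protection"].append(s.full_name)
    return findings


def audit_json(text: str) -> Dict[str, List[str]]:
    """Wrapper for raw API output: an array of repository objects, e.g. one
    page of `gh api /orgs/<org>/repos`."""
    return audit_repos(json.loads(text))


if __name__ == "__main__":
    for category, names in audit_json(SAMPLE_REPOS_JSON).items():
        print(f"{category}: {', '.join(names) or '-'}")
```

Repos in the `unknown` bucket need a token with permission to read security settings before they can be signed off; treating an unreadable setting as "enabled" is the mistake this separation avoids.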

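The last two points of the list describe the loop the article wants agents to run: scan staged or current changes, then fix the specific files and lines flagged. As an added example of that local check (not the GitHub MCP server's detection logic, and not GitHub's provider-pattern database), the script below walks a unified diff such as the output of `git diff --cached`, scans only added lines, and reports file and new-side line number for each hit. The three patterns are a small illustrative set, the diff is constructed, and the credential-looking values in it are AWS's and GitHub's documented example formats, not live secrets.

```python
"""Scan a unified diff for credential patterns on added lines.

Added example, not GitHub's detection logic. Patterns are illustrative:
two fixed-format provider keys plus a generic "NAME = 'value'" assignment.
"""
import re
from typing import List, Optional, Tuple

Finding = Tuple[str, int, str]  # (path, new-file line number, pattern name)

PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    # No leading \b so prefixed names such as AWS_SECRET_ACCESS_KEY match.
    # Expect some false positives from this one; it is a net, not a verdict.
    "generic_assignment": re.compile(
        r'''(?i)(password|passwd|secret|api[_-]?key|token)\w*\s*[:=]\s*['"][^'"]{8,}['"]'''),
}

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")

# Constructed sample diff (values are documented example formats, not secrets).
SAMPLE_DIFF = """diff --git a/config/settings.py b/config/settings.py
--- a/config/settings.py
+++ b/config/settings.py
@@ -10,4 +10,6 @@ DEBUG = False
 ALLOWED_HOSTS = ["example.com"]
-AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
 DATABASE_URL = os.environ["DATABASE_URL"]
+GITHUB_TOKEN = "ghp_0123456789abcdefghijklmnopqrstuvwxyz"
 SECRET_KEY = os.environ["DJANGO_SECRET_KEY"]
diff --git a/.env.example b/.env.example
--- a/.env.example
+++ b/.env.example
@@ -1,2 +1,2 @@
-API_KEY="changeme-1234567890"
+API_KEY=""
 DB_PASSWORD=""
"""


def classify(line: str) -> Optional[str]:
    """Name of the first matching pattern, else None (one finding per line)."""
    for name, rx in PATTERNS.items():
        if rx.search(line):
            return name
    return None


def scan_diff(diff_text: str) -> List[Finding]:
    """Only '+' lines are scanned: a removed secret should not be flagged
    again, and context lines are already in the repository's history."""
    findings: List[Finding] = []
    path: Optional[str] = None
    new_line = 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            # File header: "+++ b/path", or "+++ /dev/null" for a deleted file.
            # (An added content line beginning with "++ " would be misread; rare.)
            target = raw[4:]
            path = None if target == "/dev/null" else (
                target[2:] if target.startswith("b/") else target)
            continue
        m = HUNK_RE.match(raw)
        if m:
            new_line = int(m.group(1))  # first new-side line of this hunk
            continue
        if not raw or raw[0] == "\\" or path is None:
            continue  # blank, "\ No newline at end of file", or outside a file
        tag, content = raw[0], raw[1:]
        if tag == "+":
            name = classify(content)
            if name:
                findings.append((path, new_line, name))
            new_line += 1
        elif tag == " ":
            new_line += 1
        # "-" lines are removed content: not scanned, and they do not
        # advance the new-side line counter.
    return findings


if __name__ == "__main__":
    for path, line_no, name in scan_diff(SAMPLE_DIFF):
        print(f"{path}:{line_no}: possible {name}")
```

Any hit is treated as exposure until disproved: the fix is not just to delete the line but to rotate the credential, because a value that reached a diff may already have reached a terminal, a shell history, or an agent's context.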