toolhive VS github-mcp-server

With the new network isolation features in ToolHive, you don’t have to trust. You can verify – and enforce.

GitHub

At Stacklok, we created ToolHive because we saw a gap in running MCP servers easily but also securely. As security engineers, we knew there had to be a better way.

This looks interesting, but anytime security is offloaded to an LLM I am extremely skeptical. IMO the right way to do this is to enforce permissions explicitly through a AuthZ policy. Something like what Toolhive [0] is doing is the right way I think.

All MCP comms from client to server go through an SSE proxy which has AuthN and AuthZ enabled. You can create custom policies for AuthZ using Cedar [1].

[0] https://github.com/stacklok/toolhive, https://github.com/stacklok/toolhive/blob/main/docs/authz.md

Building on our earlier discussion about enterprises needing dedicated hosting for MCP servers and ToolHive's Kubernetes-based solution, we're excited to announce our new Kubernetes Operator for ToolHive. This specialised tool streamlines the secure deployment of MCP servers to Kubernetes environments for enterprise and engineers.

For more details, check out the README .

The team at Stacklok, empowered by our CEO, Craig McLuckie (and co-creator of Kubernetes), recently released ToolHive, an open source project that offers a convenient way to run MCP servers with familiar technologies with authentication, authorization and network isolation. Let’s take a closer look at how ToolHive and Kubernetes come together to support MCP in an enterprise environment.

As more teams start deploying MCP servers to power tool-calling agents, one question comes up fast: how do you control who can call what? It’s not just about verifying identity, it’s about enforcing the right permissions, without bloating every server with bespoke auth logic. ToolHive was built to solve exactly this problem. It separates authentication from authorization, integrates cleanly with existing identity providers, and uses Amazon’s Cedar policy language to define clear, auditable access rules. The result is a simple but powerful way to lock down tool access without embedding auth logic into every server you run.

We are excited about the potential of Model Context Protocol (MCP) servers and inspired to make it more consistent to set up, easier to configure and overall secure. So, we're releasing ToolHive as an open-source project that uses existing technology (e.g. Docker and Kubernetes) for better packaging, security utilities, and more. Let's build on MCP together!

I built (upon https://github.com/github/github-mcp-server/) a MCP (Model Context Protocol) server that integrates with VS Code's Copilot in Agent mode using SSE and GitHub APIs.

No client-side setup required — just add a .vscode/mcp.json config pointing to the server.

instructions: http://13.39.253.143

GitHub has released a new open-source Model Context Protocol (MCP) server as part of its latest GitHub Copilot update . Announced in April 2025, the release marks GitHub’s first implementation of the MCP standard developed by Anthropic. The new server is a complete rewrite in Go, preserving “100% of the old server’s functionality” while adding improvements like customizable tool descriptions, integrated code scanning, and a new get_me function for natural language queries e.g. “show me my private repos”.

- workflows/{WorkflowName}/cancel – Terminate workflow

We’ve also implemented Temporal for durable execution [6], so agent workflows can be paused, resumed and retried in production settings.

This demo [7] shows Claude invoking an MCP agent server, running workflows when appropriate, and polling for status. It basically shows agentic behavior on both the MCP client and MCP server side.

We're excited about the potential this unlocks—especially as more applications become MCP-compatible clients. We'd love your feedback and ideas!

[1] - https://news.ycombinator.com/item?id=42867050

[2] - https://github.com/lastmile-ai/mcp-agent

[3] - https://www.anthropic.com/research/building-effective-agents

[4] - https://github.com/github/github-mcp-server

[5] - https://github.com/lastmile-ai/mcp-agent/tree/main/examples/...

[6] - https://github.com/lastmile-ai/mcp-agent/tree/main/examples/...

[7] - https://github.com/user-attachments/assets/f651af86-222d-4df... [DEMO]

Here are the official instructions from GitHub- https://github.com/github/github-mcp-server.

GitHub offers an official GitHub MCP Server that enhances AI assistants with GitHub capabilities: https://github.com/github/github-mcp-server

We can now add the github mcp config.

Announced a few weeks ago, the GitHub MCP Server allows you to get additional context from any GitHub repo, providing details about those repos such as commits, issues, pull requests and more.

FROM ghcr.io/sparfenyuk/mcp-proxy:latest ENV VERSION=0.2.0 ENV ARCHIVE_NAME=github-mcp-server_Linux_x86_64.tar.gz RUN wget https://github.com/github/github-mcp-server/releases/download/v$VERSION/$ARCHIVE_NAME -O /tmp/$ARCHIVE_NAME \ #1 && tar -xzvf /tmp/$ARCHIVE_NAME -C /opt \ #2 && rm /tmp/$ARCHIVE_NAME #3 RUN chmod +x /opt/github-mcp-server #4

The easiest way to get started is using the one-click installation buttons that GitHub provides in the repository README.