GitHub MCP exploited: Accessing private repositories via MCP

Alpha This system is experimental. Scores and classifications are early-stage research and may be unreliable. Methodology →

ND	GitHub MCP exploited: Accessing private repositories via MCP (invariantlabs.ai)
	508 points by andy99 288 days ago \| 297 comments on HN ~lite vlite-2.0

Summary ~lite

Critical vulnerability in GitHub MCP allows attackers to access private repository data.

Lite evaluation by llama-4-scout-wai-psq · editorial channel only · no per-section breakdown available

Longitudinal · 4 evals

Audit Trail 8 entries

2026-03-05 12:20	eval_success	PSQ evaluated: g-PSQ=0.210 (3 dims)	- -
2026-03-05 12:20	eval	Evaluated by llama-4-scout-wai-psq: +0.21 (Mild positive)
2026-03-05 12:14	eval_success	PSQ evaluated: g-PSQ=0.006 (3 dims)	- -
2026-03-05 12:14	eval	Evaluated by llama-3.3-70b-wai-psq: +0.01 (Neutral)
2026-03-01 19:45	eval_success	Lite evaluated: Mild positive (0.28)	- -
2026-03-01 19:45	eval	Evaluated by llama-4-scout-wai: +0.28 (Mild positive)
	reasoning ED, slightly positive lean on human rights
2026-03-01 19:43	eval_success	Lite evaluated: Mild positive (0.10)	- -
2026-03-01 19:43	eval	Evaluated by llama-3.3-70b-wai: +0.10 (Mild positive)
	reasoning Exposing GitHub MCP vulnerability

build ee2b489+gzrb · deployed 2026-03-10 22:52 UTC · evaluated 2026-03-08 02:36:46 UTC