Switch github MCP to gh auth token, removing need for plaintext PAT in env

The github MCP entry in .mcp.json previously read $GITHUB_TOKEN from the shell environment, requiring developers to keep a plaintext PAT in their shell rc files. That token was readable by every child process spawned from that shell (npm postinstall scripts, MCP servers, ad-hoc CLIs), making accidental exfiltration a real concern.

The new pattern launches the MCP via a bash wrapper that runs `gh auth token` at startup, pulling the credential from the macOS Keychain (or gh's credential store on other platforms). No plaintext token needs to live in the shell environment.

Side benefit: `gh auth login` issues an OAuth token with default scopes `gist, read:org, repo, workflow`, dropping the admin-level scopes that typical PATs carry (admin:org, delete_repo, package admin, etc.). The `repo` scope still covers all everyday dev operations -- opening PRs, commenting, merging, branch/commit work -- so no real functionality is lost.

CLAUDE.md gets a new "MCP Servers" section documenting the github MCP setup with the gh-auth-login flow. This repo previously had no MCP-related docs, so this also brings it into line with the conventions in the sibling Hoist repos.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: amcclain

.mcp.json

@@ -1,18 +1,11 @@
 {
   "mcpServers": {
     "github": {
-      "command": "docker",
+      "command": "bash",
       "args": [
-        "run",
-        "-i",
-        "--rm",
-        "-e",
-        "GITHUB_PERSONAL_ACCESS_TOKEN",
-        "ghcr.io/github/github-mcp-server"
-      ],
-      "env": {
-        "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_TOKEN}"
-      }
+        "-c",
+        "GITHUB_PERSONAL_ACCESS_TOKEN=\"$(gh auth token)\" exec docker run -i --rm -e GITHUB_PERSONAL_ACCESS_TOKEN ghcr.io/github/github-mcp-server"
+      ]
     },
     "jetbrains": {
       "url": "http://localhost:${JETBRAINS_MCP_PORT:-64342}/sse",

CLAUDE.md

@@ -85,3 +85,33 @@ Prettier config (`.prettierrc.json`):
 - 4-space indent, 100 char print width
 - Single quotes, no bracket spacing, no trailing commas
 - Arrow parens: avoid
+
+## MCP Servers
+
+### GitHub MCP Server (opt-in)
+
+A Docker-based server providing GitHub API tools (issues, PRs, code search, etc.) via the
+official `github-mcp-server` image. Configured in `.mcp.json` but **not enabled by default** —
+it requires Docker and an authenticated GitHub CLI, which not every developer keeps running.
+
+**To enable:**
+
+1. Install and start **Docker**.
+2. Install the **GitHub CLI** (`brew install gh`) and authenticate with `gh auth login`. The
+   server invokes `gh auth token` at startup to fetch a token from the macOS Keychain (or
+   `gh`'s credential store on other platforms), so no plaintext token needs to live in your
+   shell environment.
+3. Add `"github"` to `enabledMcpjsonServers` in `.claude/settings.local.json` (local settings
+   merge with the shared `settings.json` — enabling locally does not affect other developers):
+   ```json
+   {
+     "enabledMcpjsonServers": ["github"]
+   }
+   ```
+
+If Docker is not running or `gh` is not authenticated when the server is enabled, Claude Code
+may show errors on startup — remove `"github"` from your local settings to resolve.
+
+**Fallback when not enabled:** The `gh` CLI provides functionally equivalent access to the same
+operations (`gh pr view`, `gh issue list`, `gh api`, `gh pr create`, etc.). Prefer `gh` over
+crafting raw `curl` calls to the GitHub API.