Git
Connect GitHub or Gitea to let agent sessions clone private repos, push branches, open pull requests, and comment on issues — all without exposing credentials inside sessions.
Linking your account
Go to Settings → Git Accounts and connect GitHub or Gitea. flamel stores a token server-side. When a session starts, credentials are injected into the git_mcp server at runtime — they are never written to disk inside the session sandbox, and the provider never sees them directly.
What agents can do
Once linked, supported providers have access to a full set of Git operations via git_mcp:
| Operation | How it works |
|---|---|
| Clone | Private repos work — credentials injected automatically |
| Commit & push | To any branch you have write access to |
| Pull requests | Create, view, and comment via the GitHub/Gitea API |
| Issues | Create, view, comment, and close |
| CI/CD runs | List and view workflow runs |
Credential safety
The git_mcp binary handles all git network operations. Raw shell git commands invoked inside sessions go through it too — they never receive your token directly. If a session is compromised (e.g. via a malicious dependency), it cannot exfiltrate your Git credentials.