Scaling GitHub for your Agents — Sam Morrow, GitHub
Key Takeaways
Describes the architectural decisions and technical challenges of scaling GitHub's MCP server on production infrastructure
Original Description
GitHub operates one of the most heavily-utilised MCP servers in the ecosystem, with over 4 million downloads of the stdio server alone. Discover the architectural decisions, technical challenges and lessons learned while building and scaling a remote MCP server on production infrastructure. The session walks through the journey from initial implementation to horizontal scaling, covering the specific challenges of condensing a platform as expansive as GitHub into a coherent MCP interface. Attendees will learn practical strategies for managing tool overload, optimizing context usage, implementing distributed session storage, and maintaining observability without compromising user privacy. Whether building a first remote server or optimizing an existing implementation, attendees will gain concrete patterns, anti-patterns, and architectural guidance from real production experience.
Key Takeaways:
• Architecture patterns for stateless, horizontally scalable remote MCP servers
• Practical approaches to tool proliferation and context window constraints
• Why a focus on auth, security and privacy is essential to success
Speaker info:
https://www.linkedin.com/in/sammorrow
https://github.com/SamMorrowDrums
Timestamps:
0:00:29 - Overview of GitHub's MCP public launch and community growth.
0:02:06 - Challenges of tool proliferation and impact on agent context.
0:03:21 - Mitigation via "tool sets" and dynamic discovery.
0:05:54 - Optimizing API output tokens to improve efficiency.
0:06:44 - Improving reliability through intent-based tool design.
0:08:14 - Security strategy: OAuth 2.1 and PKCE implementation.
0:10:40 - Managing prompt injection and security vulnerabilities.
0:12:35 - Using OAuth scopes for granular tool filtering.
0:13:47 - Stateless server architecture and Redis session management.
0:15:18 - Experimental features and human-in-the-loop UX.
0:16:30 - Future outlook: Compositional tools and automation.
0:18:04 - Final project metrics: Downloads, forks, and volum
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
More on: Backend Performance
View skill →Related AI Lessons
⚡
⚡
⚡
⚡
The Only Git Commands You Actually Need — 47 Patterns for Daily Work
Dev.to · The AI producer
Common Next.js Errors (and How I Solved Them)
Dev.to · gary killen
Applying Scalability in Backend (CodeBuddy)
Medium · LLM
Why Every Backend Developer Should Learn Nginx Before Going to Production
Medium · DevOps
Chapters (12)
0:29
Overview of GitHub's MCP public launch and community growth.
2:06
Challenges of tool proliferation and impact on agent context.
3:21
Mitigation via "tool sets" and dynamic discovery.
5:54
Optimizing API output tokens to improve efficiency.
6:44
Improving reliability through intent-based tool design.
8:14
Security strategy: OAuth 2.1 and PKCE implementation.
10:40
Managing prompt injection and security vulnerabilities.
12:35
Using OAuth scopes for granular tool filtering.
13:47
Stateless server architecture and Redis session management.
15:18
Experimental features and human-in-the-loop UX.
16:30
Future outlook: Compositional tools and automation.
18:04
Final project metrics: Downloads, forks, and volum
🎓
Tutor Explanation
DeepCamp AI