diff --git a/.mcp.json b/.mcp.json
index 6532f8a..370b66f 100644
--- a/.mcp.json
+++ b/.mcp.json
@@ -12,6 +12,10 @@
       "type": "sse",
       "url": "http://localhost:8087/sse"
     },
+    "github": {
+      "type": "sse",
+      "url": "http://localhost:8088/sse"
+    },
     "playwright": {
       "type": "sse",
       "url": "http://playwright-mcp.playwright.svc.cluster.local:3000/sse"
diff --git a/CLAUDE.md b/CLAUDE.md
index 0584b1e..8847757 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -77,7 +77,7 @@ Container start
 | `chart/templates/pvc.yaml` | PersistentVolumeClaim for user home |
 | `chart/templates/service.yaml` | ClusterIP Service (VNC + optional SSH) |
 | `chart/values.yaml` | Default Helm values |
-| `.mcp.json` | MCP server connection config (Kubernetes, Flux, Playwright) |
+| `.mcp.json` | MCP server connection config (Kubernetes, Flux, GitHub, Home Assistant, Playwright) |
 | `Makefile` | Build/deploy automation |
 
 ### MCP Sidecars
@@ -88,11 +88,13 @@ MCP (Model Context Protocol) servers run as sidecar containers in the pod, enabl
 |---------|-------|---------|------|----------|---------|
 | `kubernetes-mcp` | `quay.io/containers/kubernetes_mcp_server` | v0.0.57 | 8080 | `http://localhost:8080/sse` | Enabled |
 | `flux-mcp` | `ghcr.io/controlplaneio-fluxcd/flux-operator-mcp` | v0.41.1 | 8081 | `http://localhost:8081/sse` | Enabled |
+| `github-mcp` | `ghcr.io/modelcontextprotocol/servers/github` | latest | 8088 | `http://localhost:8088/sse` | Enabled |
 | `homeassistant-mcp` | `ghcr.io/homeassistant-ai/ha-mcp` | 6.7.1 | 8087 | `http://localhost:8087/sse` | Disabled |
 
 **Note:**
 - Kubernetes and Flux sidecars require `clusterAccess` != `none` to be deployed (they need RBAC permissions)
 - Kubernetes and Flux sidecars inherit the pod's ServiceAccount RBAC permissions
+- GitHub sidecar uses `GITHUB_TOKEN` from the env secret (same token used for repo cloning)
 - Home Assistant sidecar requires `HOMEASSISTANT_URL` and `HOMEASSISTANT_TOKEN` in the env secret
 - Playwright MCP remains an external service
 
@@ -107,6 +109,8 @@ mcpSidecars:
     enabled: false
   flux:
     enabled: false
+  github:
+    enabled: false
   homeassistant:
     enabled: false
 
@@ -116,6 +120,8 @@ mcpSidecars:
     enabled: true  # Keep Kubernetes MCP enabled
   flux:
     enabled: false # Disable Flux MCP
+  github:
+    enabled: true  # Keep GitHub MCP enabled (uses GITHUB_TOKEN)
   homeassistant:
     enabled: true  # Enable Home Assistant MCP (requires secrets)
 ```
diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
index 4921ea2..040da5d 100644
--- a/chart/templates/deployment.yaml
+++ b/chart/templates/deployment.yaml
@@ -151,7 +151,7 @@ spec:
         - name: homeassistant-mcp
           image: "{{ .Values.mcpSidecars.homeassistant.image.repository }}:{{ .Values.mcpSidecars.homeassistant.image.tag }}"
           imagePullPolicy: Always
-          command: ["fastmcp", "run", "ha_mcp.main:app", "--transport", "sse", "--sse-server-host", "0.0.0.0", "--sse-server-port", "{{ .Values.mcpSidecars.homeassistant.port }}"]
+          command: ["fastmcp", "run", "ha_mcp.main:app", "--transport", "sse", "--host", "0.0.0.0", "--port", "{{ .Values.mcpSidecars.homeassistant.port }}"]
           ports:
             - name: homeassistant
               containerPort: {{ .Values.mcpSidecars.homeassistant.port }}
@@ -181,6 +181,38 @@ spec:
           resources:
             {{- toYaml .Values.mcpSidecars.homeassistant.resources | nindent 12 }}
         {{- end }}
+        {{- if .Values.mcpSidecars.github.enabled }}
+        - name: github-mcp
+          image: "{{ .Values.mcpSidecars.github.image.repository }}:{{ .Values.mcpSidecars.github.image.tag }}"
+          imagePullPolicy: Always
+          args:
+            - --sse
+            - --port={{ .Values.mcpSidecars.github.port }}
+          ports:
+            - name: github
+              containerPort: {{ .Values.mcpSidecars.github.port }}
+          env:
+            - name: GITHUB_PERSONAL_ACCESS_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "antigravity.envSecretName" . }}
+                  key: github-token
+                  optional: true
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: {{ .Values.mcpSidecars.github.port }}
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: {{ .Values.mcpSidecars.github.port }}
+            initialDelaySeconds: 5
+            periodSeconds: 5
+          resources:
+            {{- toYaml .Values.mcpSidecars.github.resources | nindent 12 }}
+        {{- end }}
       volumes:
         - name: workspace
           emptyDir: {}
diff --git a/chart/values.yaml b/chart/values.yaml
index 4bd13d6..d3e4139 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -108,3 +108,16 @@ mcpSidecars:
       limits:
         memory: "256Mi"
         cpu: "500m"
+  github:
+    enabled: true  # Enabled by default, uses GITHUB_TOKEN from env
+    image:
+      repository: ghcr.io/modelcontextprotocol/servers/github
+      tag: latest  # Update to specific version once available
+    port: 8088
+    resources:
+      requests:
+        memory: "64Mi"
+        cpu: "50m"
+      limits:
+        memory: "256Mi"
+        cpu: "500m"