repohunt
GitHub discovery MCP that expands an intent into keyword queries, searches GitHub's Search API and ranks deduped repos.
๐ก๏ธ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for repohunt, derived from its capabilities.
AIVSS 7.5 ยท High
View MAESTRO 7-layer threat model โOverview
repohunt lets AI agents discover GitHub repositories by expanding an intent into multiple keyword queries, hitting GitHub's live Search API and returning deduplicated, ranked candidates with README excerpts and metadata. Security surface: it uses a GITHUB_TOKEN, and returned README/metadata content is untrusted text flowing into the agent.
Key features
- Intent-to-multi-query expansion
- Live GitHub Search API
- Deduped, ranked results
- README excerpts and metadata
Use cases
- Find relevant repos for a task
- Automated OSS discovery