> The point is this is NOT a GitHub MCP vulnerability, but how you use it.
You're the only one talking about GitHub MCP vulnerabilities. Everyone else is talking about GitHub MCP exploits. It's in the title, even.
Tomato-Tomato. It's not even an exploit. I will give you my token with access only to public repos. Try and access my private repos with Github MCP. Guess what - you can't - so it is not Github MCP exploit.