Open
Description
Describe the bug
Say you are user "hacker" who is signed into VS Code with this GitHub account, and somehow you get the PAT (Personal Access Token) of a user "victim". You can use this PAT to do actions in the "victim" user's account despite being logged in as "hacker" in VS Code.
This can also be thought of as an exploit to use GitHub copilot in accounts that don't have the required subscription.
Affected version
GitHub MCP Server
Version: v0.2.1
Commit: 9fa582d
Build Date: 2025-04-21T23:03:01Z
Steps to reproduce the behavior
Same as in description
Expected vs actual behavior
This should raise an alert email to the "victim" and the PAT should be auto revoked.
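The mismatch described above (a session that presents itself as one account while its token authenticates as another) can be caught at startup by resolving the token's owner through GitHub's GET /user endpoint and refusing to proceed when it is not the expected login. The following Go example is added here and is not code from the GitHub MCP Server project; it assumes a hypothetical expected login supplied by configuration, and it stands up a constructed fake of the GitHub API so that it runs offline.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ErrTokenMismatch is returned when the token resolves to a different account
// than the one the session claims to act as.
var ErrTokenMismatch = errors.New("token does not belong to the expected account")

// TokenOwner resolves which GitHub login a token authenticates as by calling
// GET {apiBase}/user. apiBase is a parameter so the check can be pointed at a
// test server instead of api.github.com.
func TokenOwner(client *http.Client, apiBase, token string) (string, error) {
	req, err := http.NewRequest(http.MethodGet, strings.TrimRight(apiBase, "/")+"/user", nil)
	if err != nil {
		return "", err
	}
	req.Header.Set("Authorization", "Bearer "+token)
	req.Header.Set("Accept", "application/vnd.github+json")
	resp, err := client.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("GET /user returned %d", resp.StatusCode)
	}
	var body struct {
		Login string `json:"login"`
	}
	if err := json.NewDecoder(resp.Body).Decode(&body); err != nil {
		return "", err
	}
	if body.Login == "" {
		return "", errors.New("no login in /user response")
	}
	return body.Login, nil
}

// VerifyTokenBinding refuses a session whose token belongs to someone other
// than expectedLogin (a hypothetical configured value). GitHub logins are
// case-insensitive, so the comparison is too.
func VerifyTokenBinding(client *http.Client, apiBase, expectedLogin, token string) error {
	owner, err := TokenOwner(client, apiBase, token)
	if err != nil {
		return err
	}
	if !strings.EqualFold(owner, expectedLogin) {
		return fmt.Errorf("%w: token is for %q, session is %q", ErrTokenMismatch, owner, expectedLogin)
	}
	return nil
}

// NewFakeGitHub is a constructed stand-in for api.github.com so the example
// runs offline: it maps bearer tokens to logins and answers GET /user.
func NewFakeGitHub(tokens map[string]string) *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if r.URL.Path != "/user" {
			http.NotFound(w, r)
			return
		}
		login, ok := tokens[strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")]
		if !ok {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		w.Header().Set("Content-Type", "application/json")
		json.NewEncoder(w).Encode(map[string]string{"login": login})
	}))
}

func main() {
	// Constructed sample tokens; not real credentials.
	gh := NewFakeGitHub(map[string]string{
		"ghp_hacker_token_constructed": "hacker",
		"ghp_victim_token_constructed": "victim",
	})
	defer gh.Close()

	for _, tok := range []string{"ghp_hacker_token_constructed", "ghp_victim_token_constructed"} {
		err := VerifyTokenBinding(gh.Client(), gh.URL, "hacker", tok)
		fmt.Printf("session=hacker token=%s -> %v\n", tok, err)
	}
}
```

The check only binds a token to an identity; it does not by itself send the alert or revoke the PAT the report asks for, but a mismatch error at this point is the event a server would log and surface before any tool call is made with the foreign token.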