Hermes Hub exposes a Model Context Protocol (MCP) endpoint that maps MCP tools onto supported Hub REST operations.
Endpoint
https://<hub-host>/mcp
Standalone deployments may expose a different host or port, but the MCP path is
still /mcp.
Transport
Hermes Hub uses MCP Streamable HTTP:
GET /mcpfor server-sent event streams.POST /mcpfor JSON-RPC messages.DELETE /mcpfor session teardown.
Authentication
HTTP MCP requests require:
Authorization: Bearer <token>
The token must authorize Hub management operations. Do not send tenant runtime keys to the MCP endpoint.
Tool Response Shape
Tools return MCP text content containing JSON from the underlying Hub operation. An empty successful REST response is returned as:
{"ok": true}
Tenant Management Tools
list_tenants
Lists all tenants. Secret keys are redacted.
Input: {}.
get_tenant
Gets one tenant.
Input:
{"tenant_id": "tenant_123"}
create_tenant
Creates a tenant. The input body follows the REST CreateTenantRequest shape.
Common fields include id, displayName, agent, storage, browser, and
flavor.
update_tenant
Updates mutable tenant fields. Only supplied fields are changed.
Input includes tenant_id plus fields from the REST UpdateTenantRequest
shape.
delete_tenant
Deletes one tenant.
Input:
{"tenant_id": "tenant_123"}
set_tenant_access
Sets tenant access to active or blocked.
Input includes tenant_id plus the REST access update fields such as status,
message, and reason.
Tenant Skill Tools
list_tenant_skills
Lists installed skills for a tenant, grouped by category.
Input:
{"tenant_id": "tenant_123"}
list_tenant_skill_files
Lists files belonging to one skill.
Input:
{
"tenant_id": "tenant_123",
"category": "content",
"skill": "writer"
}
get_tenant_skill_file
Reads one tenant skill file.
Input:
{
"tenant_id": "tenant_123",
"path": "content/writer/SKILL.md"
}
Share Filesystem Tools
These tools operate on department or team shares visible to a tenant. Read-only tools require membership. Mutating tools require write access.
list_shares
Lists department shares a tenant can access.
Input:
{"tenant_id": "tenant_123"}
list_share_files
Lists files in a share.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": ""
}
read_share_file
Reads a text file from a share.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": "notes/report.md",
"offset": 0,
"limit": 200
}
offset and limit are optional. limit: 0 returns all content allowed by
the server.
stat_share_path
Stats a share path.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": "notes/report.md"
}
grep_share
Searches a share with a Go regular expression.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": "notes",
"pattern": "invoice|receipt",
"max": 50,
"ignore_case": true
}
find_share_files
Finds share paths by optional glob pattern.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": ".",
"name": "*.md",
"max": 100
}
write_share_file
Writes or appends a file. Requires write access.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": "notes/report.md",
"content": "text",
"mode": "overwrite"
}
mode may be omitted for overwrite or set to append.
make_share_dir
Creates a directory. Requires write access.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": "notes"
}
move_share_path
Moves a file or directory inside a share. Requires write access.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"from": "draft.md",
"to": "archive/draft.md"
}
remove_share_path
Removes a share path. Requires write access.
Input:
{
"tenant_id": "tenant_123",
"group_id": "division1",
"path": "archive/draft.md",
"recursive": false
}
recursive is required for non-empty directories.
Agent Cron Tools
list_tenant_crons
Lists tenant agent cron jobs.
Input:
{"tenant_id": "tenant_123"}
get_tenant_cron
Gets one cron job.
Input:
{
"tenant_id": "tenant_123",
"job_id": "job_123"
}
create_tenant_cron
Creates an agent cron job. The job object follows the active Hermes Agent
cron schema.
Input:
{
"tenant_id": "tenant_123",
"job": {
"name": "Daily summary",
"schedule": "0 9 * * *",
"prompt": "Summarize yesterday's updates"
}
}
update_tenant_cron
Patches an existing cron job.
Input:
{
"tenant_id": "tenant_123",
"job_id": "job_123",
"patch": {
"enabled": false
}
}
delete_tenant_cron
Deletes one cron job.
Input:
{
"tenant_id": "tenant_123",
"job_id": "job_123"
}
pause_tenant_cron
Pauses one cron job.
Input:
{
"tenant_id": "tenant_123",
"job_id": "job_123"
}
resume_tenant_cron
Resumes one cron job.
Input:
{
"tenant_id": "tenant_123",
"job_id": "job_123"
}
run_tenant_cron
Triggers one cron job immediately.
Input:
{
"tenant_id": "tenant_123",
"job_id": "job_123"
}
Settings Tools
get_tenant_impact_config
Gets the tenant-impacting Hub configuration view.
Input: {}.
patch_tenant_impact_config
Patches tenant-impacting configuration.
Input:
{"patch": {"feature": {"enabled": true}}}
The patch shape is defined by the Hub configuration schema.
get_agent_policy
Gets the hub-wide agent policy.
Input: {}.
put_agent_policy
Replaces the hub-wide agent policy document.
Input:
{"policy": {"features": {"enabled": []}}}
get_agent_specialization
Gets hosted-agent specialization text and status.
Input: {}.
put_agent_specialization
Sets hosted-agent specialization text.
Input:
{"content": "Default hosted-agent instructions."}
Context Sync Tool
sync_context
Copies a tenant context folder to a destination directory reachable by the MCP server process.
Input:
{
"tenant_id": "tenant_123",
"destination": "/sync/tenant_123",
"dry_run": true,
"delete": false
}
dry_run previews changes. delete removes destination files that are missing
from the source and is permitted only when the server has been configured with
an allowlisted destination root.
Safety Notes
- Do not include bearer tokens in prompts, logs, or persisted MCP transcripts.
- Treat all tool responses as tenant or operator data.
- Use read-only tools first when exploring.
- Mutating share tools require write access and should be used only for intentional updates.