MCP Server Rollout Checklist for Rocky
MCP servers extend Rocky with new tools. A good rollout makes those tools discoverable, scoped, tested, and reversible.
Official MCP guide: https://hermes-agent.nousresearch.com/docs/user-guide/features/mcp
Rollout stages
- Inventory the server. Identify whether it is stdio or HTTP, what credentials it needs, and which tools it exposes.
- Add configuration. Use Hermes MCP commands or config files rather than ad-hoc shell wrappers.
- Limit exposure. Enable only tools that match the workflow and risk level.
- Test connection. Run the documented MCP test command and a harmless tool call.
- Document rollback. Note how to disable or remove the server if it fails.
Safety checklist
- Do not paste tokens into chat.
- Keep local filesystem access narrow.
- Treat write-capable MCP tools like any other mutation surface.
- Avoid enabling duplicate tools that confuse routing.
- Re-test after Hermes profile changes.
Pitfalls
- Assuming the server is safe because it is local.
- Enabling every discovered tool by default.
- Forgetting that HTTP MCP servers may have network authentication and availability risks.
- Debugging an agent failure without first testing the MCP server itself.
Verification steps
- Confirm
hermes mcp listshows the expected server. - Run
hermes mcp test <name>when available. - Start a fresh Hermes session after tool configuration changes.
- Make one low-risk call and confirm the output shape is what Rocky expects.
