Hermes MCP SSE Bridge
A production-ready proxy that wraps a local stdio Hermes MCP server and exposes it over HTTP/SSE, so a Poke app on another machine can connect remotely.
Stdio to SSE
Spawns hermes mcp serve locally and exposes it over a persistent Server-Sent Events connection.
Bearer-token auth
Protect the /sse endpoint with a secret token so only your remote client can connect.
Production hardening
CORS control, structured logging with Winston, graceful shutdown, and systemd service example.
Zero framework lock-in
Plain Express + the official MCP SDK. Easy to read, easy to adapt, easy to audit.
Quick start
Install Node.js 20+ on the machine running Hermes.
Download or clone this bridge and run npm install && npm run build.
Set PORT, MCP_COMMAND, and AUTH_TOKEN in a .env file.
Start the bridge with npm start.
Point your remote Poke client at http://your-vps-ip:3000/sse.
git clone https://github.com/example/hermes-mcp-sse-bridge.git
cd hermes-mcp-sse-bridge
npm install
npm run build
npm startEnvironment variables
| Variable | Default | Purpose |
|---|---|---|
| PORT | 3000 | TCP port the HTTP server binds to. |
| HOST | 0.0.0.0 | Interface to bind. Use 127.0.0.1 behind a reverse proxy. |
| MCP_COMMAND | hermes mcp serve | Shell command that starts the stdio MCP server. |
| MCP_ARGS | "" | Extra arguments passed to the command. |
| AUTH_TOKEN | "" | If set, clients must send Authorization: Bearer <token>. |
| CORS_ORIGIN | * | Allowed CORS origin. Set to your Poke domain in production. |
| LOG_LEVEL | info | Winston log level. |
Security notes
The /sse endpoint forwards arbitrary JSON-RPC traffic to the local hermes process. Always protect it with AUTH_TOKEN and run behind TLS in production.
- Set a strong random AUTH_TOKEN (openssl rand -hex 32).
- Terminate TLS with Nginx, Caddy, or a Cloudflare Tunnel.
- Bind to 127.0.0.1 if a reverse proxy handles inbound traffic.
- Run the bridge under a dedicated unprivileged user account.
Files
Download the full bridge source or copy individual files into your own project.