My Hermes Agent runs in a Docker container. It can execute code, search the web, and manage files — but until now, it couldn't talk to my Postgres database on Neon without me tunneling a psql connection or pasting query results into the chat. That's clunky. I wanted the agent to query my database directly, on its own, as a first-class tool.
The solution was MCP — the Model Context Protocol. Neon provides an official MCP server, and Hermes Agent has a native MCP client built in. The setup took about five minutes and zero code.
> What is MCP?
MCP (Model Context Protocol) is an open standard that lets AI tools expose capabilities to agents through a unified interface. Think of it like USB for AI — any MCP-compatible agent can connect to any MCP server and immediately use its tools, no custom integration needed.
Neon's MCP server exposes tools like `run_sql`, `list_projects`, `describe_table_schema`, `list_slow_queries`, and more. Instead of writing a custom integration or piping psql output, the agent just calls these tools directly and gets structured JSON back.
> The Architecture
Here's how it fits together: - Hermes Agent runs inside a Docker container with its own filesystem, terminal, and tool suite - Neon MCP Server runs as a remote hosted service at `https://mcp.neon.tech/mcp` — no local install needed - Connection uses HTTP StreamableHTTP transport — the agent connects to the Neon server over HTTPS, authenticates with an API key, and discovers available tools automatically - Data flow — agent calls `mcp_neon_run_sql` → Hermes MCP client → HTTPS request → Neon MCP server → your Postgres database → results back as JSON
No psql binary. No SSH tunnel. No port forwarding. The agent doesn't even need network access to the database directly — it talks to Neon's API, which handles the connection.
> Why This Matters for Containerized Agents
Running an agent inside Docker means you aggressively limit what it can access. No host filesystem, no localhost databases, no arbitrary network connections. That's the whole point — containment.
But that creates a tension: how do you give the agent useful database access without punching holes in the container?
MCP solves this cleanly. The agent only needs outbound HTTPS to `mcp.neon.tech`. It never touches the database port (5432) or any SSH infrastructure. The MCP server acts as a secure, authenticated proxy that translates tool calls into database operations and returns structured results.
> Read-Only by Default
I configured the MCP connection with `readonly=true`. This means: - ✅ Can do: `SELECT` queries, describe schemas, list tables, explain query plans, list slow queries - ❌ Cannot do: `INSERT`, `UPDATE`, `DELETE`, `CREATE TABLE`, run migrations, create/delete branches or projects This is the right default for an agent that needs to read and analyze data but shouldn't be modifying production tables on its own. If I ever need write access for a specific task, I can remove the `readonly` flag — but I'd rather explicitly opt in than accidentally `DROP TABLE`.
The `projectId` parameter also scopes the connection to a single Neon project, so the agent can't even see my other projects.
> The Config
Adding the MCP server to Hermes is a few lines in `~/.hermes/config.yaml`: ```yaml mcp_servers: neon: url: "https://mcp.neon.tech/mcp?readonly=true&projectId=YOUR_PROJECT_ID" headers: Authorization: "Bearer YOUR_NEON_API_KEY" timeout: 120 connect_timeout: 60 ``` After adding that, restart the gateway (`/restart` in Telegram or relaunch the CLI). Hermes discovers the Neon server, registers all its tools with the prefix `mcp_neon_`, and they're immediately available in every conversation.
> What the Agent Can Do Now
With the MCP server connected, here are some things I can just ask in chat: - "What tables are in my database?" — `mcp_neon_get_database_tables` - "Describe the schema of the races table" — `mcp_neon_describe_table_schema` - "Run this SELECT query" — `mcp_neon_run_sql` - "What are the slowest queries?" — `mcp_neon_list_slow_queries` - "Explain the query plan for this SQL" — `mcp_neon_explain_sql_statement` - "Compare the schema between two branches" — `mcp_neon_compare_database_schema` All of these return structured JSON that the agent can reason over, chain together, or format for me. No copy-pasting psql output.
> The Bigger Picture
MCP is a game-changer for self-hosted agents. It gives you the modularity of microservices without the overhead of custom API integrations. Any tool that exposes an MCP server — databases, file systems, search engines, version control — can be plugged in with a few lines of config.
For containerized agents specifically, it removes the need to install database clients, configure SSH tunnels, or expose ports. The agent talks HTTPS to the MCP server, and the MCP server talks to the database. Clean separation.
My setup now: Hermes Agent in Docker, GLM-5.1 via Ollama Cloud for inference, SearXNG for search, and Neon MCP for database access. Each piece does one job, and they connect through standard protocols instead of custom glue code.
That's how it should be.