SSE and HTTP Deployments
Security Risk
Use SSE or Streamable HTTP only if your IDE or GenAI client cannot use stdio. Using SSE or Streamable HTTP mode with this locally deployed MCP may present a security risk as this mode does not support runtime isolation and your JWT token will not be isolated to a session ID.
SSE and Streamable HTTP Deployment configurations
We do not recommend using SSE or Streamable HTTP with a locally hosted MCP Server due to inherent security limitations:
- No runtime isolation: The MCP process shares its environment with your host.
- JWT tokens are not session-scoped: Tokens are valid globally, not tied to a session ID.
- Increased attack surface: Any exposed HTTP endpoint can potentially be abused.
If you MUST use this mode (e.g., your IDE or GenAI client cannot use stdio). It is recommended to limit your exposure by:
- Limit to 1 user, 1 API key per NodeZero MCP Server instance.
- Do not expose the endpoint to untrusted networks.
- Consider running in a sandboxed environment or isolated container.
Sample configuration JSON for enabling on with an IDE
"<your-mcp-server-name>": {
"type": "sse",
"command": "docker",
"args": [
"run", "-i", "--rm",
"-e", "H3_API_KEY",
"horizon3ai/h3-mcp-server:latest",
"sse", "8000"
],
"env": {
"H3_API_KEY": "${input:h3_api_key}"
},
"inputs": [
{
"type": "promptString",
"id": "h3_api_key",
"description": "H3 API Key",
"password": true
}
]
}
"<your-mcp-server-name>": {
"type": "http",
"command": "docker",
"args": [
"run", "-i", "--rm",
"-e", "H3_API_KEY",
"horizon3ai/h3-mcp-server:latest",
"streamable-http", "8000"
],
"env": {
"H3_API_KEY": "${input:h3_api_key}"
},
"inputs": [
{
"type": "promptString",
"id": "h3_api_key",
"description": "H3 API Key",
"password": true
}
]
}
Manual Deployment
Setup the NodeZero MCP Server container-
Run the container manually with a descriptive name <your-container-name>
:
docker run -d --name <your-container-name> \
-e H3_API_KEY={your-key-here} \
horizon3ai/h3-mcp-server:latest
Stop it with:
docker stop <your-container-name>
Stdio Mode (Attach-Only via IDE)
"<your-mcp-server-name>": {
"type": "stdio",
"command": "docker",
"args": ["run", "-i", "--rm", "horizon3ai/h3-mcp-server:latest"]
}
SSE Mode (Attach-Only via IDE)
"<your-mcp-server-name>": {
"type": "sse",
"url": "http://localhost:8000/sse"
}
Streamable HTTP Mode (Attach-Only via IDE)
"<your-mcp-server-name>": {
"type": "http",
"url": "http://localhost:8000/mcp"
}