Use MCP servers in Goose with Toolport
Toolport is a free, open source local MCP gateway. Add your servers to Toolport once, flip the Goose toggle, and Goose gets all of them through a single gateway entry, with lazy discovery loading 3 meta-tools instead of every server's full tool list.
Setup
- Download Toolport for Windows, macOS or Linux, and add your MCP servers to it (or import the ones your clients already have; secrets go to your OS keychain).
- Open the Clients tab and toggle Goose on. Toolport writes its gateway entry into Goose's config, next to anything already there.
- Restart or reload Goose. Your full server set is available through Toolport, and any server you add later shows up without touching Goose again.
Where Goose keeps its MCP config
- Windows
%APPDATA%\Block\goose\config\config.yaml - macOS
~/Library/Application Support/Block/goose/config.yaml - Linux
~/.config/goose/config.yaml
YAML: an extensions map (cmd/envs fields, Goose's own schema).
Good to know
- config.yaml also holds your model configuration, so Toolport edits only the extensions entry and never rewrites the rest of the file.
Running local models?
Lazy discovery asks the model to search for tools before calling them, and small local models (7B class) often aren't up to that flow. With a capable model it works well; with a smaller one, have Toolport expose the full tool catalog instead, which any model with basic tool calling can use. Either way your servers, keys and traffic stay on your machine, which is the point of running local in the first place.
Why a gateway instead of Goose's own server list?
- One setup, every client. The same servers work in Goose and every other client on your machine; add a server once and they all get it.
- Up to 91% fewer tool tokens. Instead of every server dumping its tool list into context, the agent loads 3 meta-tools and searches on demand (measured).
- Secrets in the OS keychain. API keys are injected at runtime and never sit in Goose's config file.
- Watched by default. Rug-pull and tool-poisoning detection on every tool, plus per-tool governance and a destructive-tool kill switch. How the security works.