Prepared: 2026-05-27, Europe/London
Subject: Hermes Agent as an AI operating layer for Easier Agency, Easier Now,
and future business workflows
Scope: public-source research and inactive deployment preparation only
Use Hermes Agent as an orchestrating assistant, not as the authoritative store
of business memory. Build the durable second brain as an Obsidian-compatible
Markdown vault with immutable evidence, compiled knowledge pages, provenance,
confidence and sensitivity labels. Let Hermes read and maintain the compiled
layer through its official llm-wiki skill. Add hybrid local search through
QMD after a retrieval benchmark confirms it improves recall on real Easier
questions.
Host Hermes beside the existing n8n GCE workload only inside a separately contained, non-public runtime with its own data and vault volumes. Initially:
This keeps the system useful to inspect and activate later while avoiding the early-stage failure mode of putting a self-modifying agent directly in the middle of customer relationships, fulfilment or money-moving operations.
The practical target is not "AI runs everything" on day one. It is a progressive operating memory that first helps Anthony recall, synthesise and decide; then drafts and routes work for approval; and only eventually executes bounded, reversible operations with logs and budgets.
llm-wiki gist.llm-wiki skill derived from Karpathy's pattern.The existing GCE instance could not be altered from this environment:
gcloud is not installed.easier_validation_gce_ed25519 and known host
34.27.189.109 exist, but a non-interactive attempt as user astra was
rejected with Permission denied (publickey).An inactive, auditable setup package is therefore staged in deployment/.
It can be transferred and executed once the correct SSH user/key or Cloud
access is provided.
As observed on 2026-05-27, the official GitHub "latest release" page identifies
Hermes Agent v0.14.0 with tag v2026.5.16, released on 2026-05-16.
Hermes is an MIT-licensed, open-source agent built by Nous Research.
The official documentation describes:
| Capability | Relevant detail | Design implication |
|---|---|---|
| Runtime | Linux/macOS/WSL2; native Windows beta; Docker supported | GCE Linux container is a sensible home |
| Entry points | CLI, messaging gateway, API server, library and batch paths | Start with CLI-only inspection; do not expose gateway/API |
| Agent tools | 70+ built-in tools and MCP extension support | Tool permission design matters before integrations |
| Terminal isolation | Local, Docker, SSH and cloud sandbox backends | Use container isolation even on an owned VM |
| Core memory | MEMORY.md 2,200 chars and USER.md 1,375 chars |
Useful routing context, too small to be the second brain |
| Session recall | SQLite/FTS5 conversation search | Useful operational history, not structured business truth |
| Skills | Files in ~/.hermes/skills/, including progressive disclosure |
Good place for controlled workflows |
| Context files | .hermes.md, AGENTS.md, CLAUDE.md; global SOUL.md |
Vault governance can be loaded explicitly |
| MCP | Catalog entries reviewed by Nous and disabled by default | Keep every connector off until reviewed |
| Security | Filtered MCP environment, credential redaction, URL/SSRF controls | Helpful baseline, not a substitute for business controls |
| Docker | Persistent host data mounted at /opt/data |
Clean separation from the existing n8n deployment |
The official release notes describe improved distribution and installation, native Windows beta, a PyPI distribution, provider/OAuth work, stronger dangerous-command protections, tool error sanitisation, and new integrations. They also add or revise Notion-related optional skill support. None of that is a reason to connect sensitive systems before permissions and audit policies are chosen.
Hermes is a strong candidate for:
Hermes' built-in memory is explicitly bounded and curated. It should not be asked to hold:
These belong in the vault and, as the system matures, appropriate operational systems of record. Hermes should retrieve and assist with them subject to policy.
Andrej Karpathy's April 2026 LLM Wiki gist presents an "idea file" for a
personal knowledge base maintained by an LLM. Its important idea is a division
between raw material and an interlinked, evolving wiki that the model
maintains. It is attractive for an owner/operator because the artifacts remain
plain Markdown and human-inspectable in Obsidian.
Hermes has already bundled an official llm-wiki skill based on that pattern.
The skill specifies a practical three-layer structure:
raw/: immutable source material, such as articles, papers and
transcripts.entities/, concepts/, comparisons/ and queries/.SCHEMA.md, index.md and append-only log.md.The official Hermes skill also recommends YAML frontmatter, Obsidian wikilinks, provenance markers for multi-source claims, confidence/contested flags, explicit contradiction handling, source hashing and linting for broken links, stale pages, low-confidence material and source drift.
Adopt this layout, adjusted for a commercial operator. It is substantially better than a folder of raw notes because it distinguishes evidence from interpretation and gives future agents an audit trail.
Do not accept one part uncritically: for a large or fuzzy business corpus,
reading index.md and text searching files is not enough retrieval. The
compiled wiki and retrieval layer are complementary.
Greg Isenberg's 23 February 2026 episode with Internet Vin, How I Use
Obsidian + Claude Code to Run My Life, presents the founder-facing version of
this pattern: interconnected Markdown in Obsidian gives an agent context for
idea generation and delegation; custom commands can extract ideas, challenge
beliefs and connect concepts; and consistent human reflection keeps the
knowledge current. The accessible episode outline also explicitly raises the
privacy implications of agent access to a personal knowledge base.
This contributes a useful emphasis that the purely technical architecture can miss. A second brain succeeds only if capture and review fit ordinary life. For a semi-organised founder, the implementation should therefore prioritise:
inbox/ capture and daily/weekly review over a burdensome taxonomy.Combine Isenberg/Vin's human habit and command-oriented interface with Karpathy/Hermes' compiled wiki and Fisher's retrieval improvement. Do not let the desirable "24/7 personal operating system" framing become permission for unattended client-facing action.
The provided author is Rhys Fisher, not "Rhy Fisher". His public work is particularly relevant because it addresses real operator workflows rather than only agent demos.
Fisher argues that a Markdown second brain backed only by grep fails exactly where it matters: fuzzy recall. A founder often remembers meaning ("the prospect who was an AI champion but needed budget sign-off") rather than the literal terms in a note.
His proposed remedy is QMD, Tobi Lutke's local Markdown search tool:
The companion migration repository documents Node 22+ and roughly 2 GB of disk for local models, with a staged, backup-first procedure. This is a sensible candidate for the GCE-hosted vault, subject to benchmarking and resource checks.
Fisher's later article describes a research pipeline built from composable operations: digest one paper; walk citations in broad, canonical, deep and idea-orbit modes; generate longitudinal synthesis; mine candidate theses; then adversarially search for falsification. Two implementation lessons are useful:
He also reports using retrieval at write time: before writing a candidate new memory, query existing memory; high similarity creates an evidence link rather than a duplicate, while intermediate similarity calls for merge/routing.
Adopt now in the design:
Validate before enabling:
Do not adopt yet:
No single paper establishes a production-ready personal business memory standard. The literature nevertheless supports a layered design and highlights failure modes that matter for Easier.
| Source | Contribution | Application here | Caution |
|---|---|---|---|
| MemGPT, Packer et al. (2023) | Virtual context management and tiered agent memory | Keep tiny always-loaded identity/rules separate from searchable long-term evidence | Memory management is not truth governance |
| Generative Agents, Park et al. (2023) | Observation, reflection and planning from memory streams | Periodic synthesis can surface patterns from customer and experiment notes | Reflections can compound errors without citations |
| HippoRAG, Gutierrez et al. (2024) | Knowledge-graph-inspired retrieval for multi-hop association | Later evaluate entity/relationship traversal across clients, campaigns and insights | Premature graph automation adds maintenance burden |
| Storage Is Not Memory, Adler and Zehavi (2026 preprint) | Retrieval-centred design preserving verbatim events; reports strong long-context memory benchmark results | Preserve raw transcripts/events and retrieve before compressing them into knowledge | Results are recent preprint claims requiring independent validation |
| Memory as Metabolism, Miteski (2026 preprint) | Companion memory governance: triage, decay, contextualise, consolidate, audit; minority-hypothesis retention | Build review, staleness and dissent paths into a personal business assistant | Normative/design proposal, not production proof |
| From BM25 to Corrective RAG (2026 preprint) | Reports hybrid retrieval plus neural reranking outperforming single-stage retrieval on text/table documents; BM25 remains strong on financial data | Use lexical plus semantic retrieval, especially for margin/financial language and exact entities | Benchmark domain differs from Easier's own material |
The advanced approach is not choosing "wiki" versus "RAG" versus "memory". Use different mechanisms for different memory jobs:
| Memory job | Mechanism | Example |
|---|---|---|
| Identity and permission rules | Small reviewed context files | Scope, voice, approval limits |
| Exact source evidence | Immutable raw Markdown/assets | Transcript, brief, exported report |
| Working business understanding | Compiled Obsidian pages | Customer insight, experiment, SOP |
| Fuzzy recall | Hybrid retrieval index | "Which prospect worried about margin?" |
| Relationships and evolving facts | Typed metadata plus later graph evaluation | Person-company-project links |
| Learning without ossification | Audit, contested claims, expiry and review | A failed positioning thesis retained as counterevidence |
The public Easier Agency homepage positions the company as an operator-led growth partner for UK ecommerce founders: contribution margin rather than platform ROAS; coordination of fragmented marketing suppliers; live profit visibility; and reduction of the founder bottleneck. It cites experience since 2012, 200+ brands, more than GBP 10m of ad spend managed and more than GBP 25m of revenue generated.
This positioning makes a second brain valuable, but raises the stakes. It will eventually contain:
The system must therefore be commercially useful while also being source-citable, revocable, privacy-aware and cautious about automated action.
The public Easier Now route currently displays an account sign-in screen. The future product opportunity is clear conceptually: make a reviewed memory and assistant layer part of the productivity product. This should be approached through clean interfaces and permission tiers, not by coupling the product to an ungoverned personal vault.
Human and approved captures
| meeting notes, research, exports, eventually approved connectors
v
raw/ immutable evidence ----------------------------------------+
| |
| controlled compilation with provenance | retrieve exact evidence
v |
compiled Obsidian vault: entities, projects, decisions, etc. |
| |
+---- QMD hybrid index (rebuildable, local) <----------------+
| |
| relevant cited context only
v
Hermes Agent in isolated Docker container
| skills: llm-wiki, later approved business workflows
| logs/checkpoints, no broad write/actions initially
v
Approval queue (later via n8n / Easier Now)
|
v
External action only after bounded authorization
| Component | Owns | Must not own initially |
|---|---|---|
| Obsidian vault | Human-readable source and compiled knowledge | API secrets or autonomous actions |
| QMD index | Disposable retrieval accelerator | Canonical facts |
| Hermes | Query, synthesis and approved page maintenance | Unreviewed sends, spend or client changes |
| n8n | Later controlled triggers and approval routing | Agent-wide credentials without per-flow policy |
| Easier Now | Later product interface and permission UX | Direct access to a founder vault by default |
The vault must make capture easy before it makes taxonomy clever. Start with few folders and typed pages rather than a heavy filing burden.
easier-brain/
AGENTS.md # reviewed Hermes rules and permissions
SCHEMA.md # metadata and maintenance rules
index.md # navigational entry point
log.md # append-only knowledge-maintenance log
inbox/ # low-friction unprocessed captures
raw/
meetings/
customer-voice/
research/
marketing/
product/
operations/
assets/
people/ # reviewed relationship pages
organisations/ # client, prospect, partner, supplier pages
projects/ # Easier Agency, Easier Now, tools, client projects
decisions/ # decision record plus why and evidence
experiments/ # hypothesis -> test -> measure -> outcome
playbooks/ # delivery and operational procedures
concepts/ # insights and frameworks
briefs/ # prepared outputs, not source evidence
reviews/ # daily/weekly/monthly synthesis and audits
_archive/
---
title: "Example experiment or relationship note"
type: experiment
status: draft
created: 2026-05-27
updated: 2026-05-27
entities: [easier-agency]
domains: [marketing]
sources: [raw/research/example-source.md]
sensitivity: internal
confidence: medium
review_by: 2026-06-27
contested: false
---
Use entity slugs consistently. Add client-confidential and
personal-sensitive sensitivity classes before importing any non-public
material. Raw source pages should additionally carry source URL/date or import
origin and a body checksum.
raw/ is append-only and is never silently rewritten by an agent.Phase 1 should compare:
Build a set of 30-50 judged questions after the first real sources are present:
Measure whether the correct evidence appears in top 5 results, whether the answer cites it, latency, and whether sensitive cross-domain leakage occurs.
Before an agent proposes a new compiled page or a strong new claim:
This adopts Fisher's write-time retrieval insight while making the threshold a reviewed policy rather than an opaque automatic action.
Use USER.md and MEMORY.md only for compact routing context such as:
Do not place customer facts, commercial detail or relationship histories into Hermes prompt-injected memory unless intentionally reviewed.
| Domain | Useful first capability | Later controlled automation | Never unattended at first |
|---|---|---|---|
| Marketing | Retrieve proof, create cited creative/research briefs | Draft experiments and content variants | Publish ads or alter spend |
| Sales | Pre-call brief from approved notes | Draft follow-up for approval | Send messages or alter CRM state |
| Relationships | Surface commitments and context | Reminder queue | Infer sensitive traits or contact people |
| Fulfilment | Retrieve SOP and prior lessons | Draft checklists/status summaries | Deliver client work as final |
| Operations | Weekly bottleneck/decision digest | n8n approval routes | Change live workflows or credentials |
| R&D | Paper/product research corpus and thesis tracking | Bounded overnight reading runs | Ship code/product changes |
| Easier Now | Requirements and learning vault | Read-only assistant prototype | Connect personal/client vaults directly |
n8n project VMeasiermarketing/easier-hermes-ops, but keep the living confidential vault,
secrets, sessions and retrieval indexes out of Git by default.8642 during preparation. If an API is later required,
bind privately behind authenticated access and an explicit firewall rule.The deployment pack:
v2026.5.16.docker compose up does not
start Hermes accidentally.Current goal. Stage pinned software, inactive config, vault schema and security choices. No credentials or business data.
Exit gate: authenticated VM access and infrastructure inventory.
Use public research and self-written notes only. Run Hermes interactively,
enable the official llm-wiki skill, compare native retrieval with QMD, and
perform weekly human-reviewed lint/audit.
Exit gate: retrieval quality test passes and all generated claims are cited.
Bring in approved non-client-sensitive Easier strategy, product research and operating notes. Begin an approval queue for drafted decisions and tasks.
Exit gate: backup, sensitivity rules and correction workflow have been tested.
Only then import selected customer/prospect/meeting material under retention, access and deletion policies. Consider separate vault partitions for confidential client data.
Exit gate: privacy review and tested access boundary.
Expose narrowly scoped read or draft actions via n8n/Easier Now. Human approval remains mandatory for messages, spend, client deliverables, data export and workflow mutation.
Exit gate: per-workflow audit, undo plan, monitoring and budget control.
| Risk | Consequence | Initial control |
|---|---|---|
| Memory becomes plausible fiction | Bad client/business decisions | Raw evidence, citations, confidence and review |
| Fuzzy retrieval misses key fact | Wrong follow-up or repeated work | QMD evaluation with judged query set |
| Stale belief is repeatedly reinforced | Strategic entrenchment | review_by, contested claims, minority evidence audit |
| Private data leaks through tools/model | Legal/trust damage | No private ingestion initially; no connectors; sensitivity policy |
| Agent takes external action too early | Reputation or spend damage | No gateway/API/n8n MCP; draft-only phases |
| Hermes consumes n8n VM resources | Production disruption | Isolated container, preflight inventory and resource limits later |
| Supply-chain/change drift | Unexpected behaviour | Pin release and review upgrades |
| Sync/backup mistake destroys vault | Loss of knowledge | Backup and restore drill before imports |
Hermes is unusually well aligned with the ambition of an AI-augmented owner/operator because it already supports persistent context, skills, server-resident operation and a Karpathy-style Markdown wiki workflow. Its built-in memory should be treated as a small navigation layer. The valuable asset is the owned, auditable knowledge vault.
The best implementation for Easier is therefore a layered one:
The system should earn autonomy through reliable recall, auditability and approval discipline, rather than starting with access to every operational surface.
v2026.5.16 / Hermes Agent v0.14.0:
https://github.com/NousResearch/hermes-agent/releases/tag/v2026.5.16llm-wiki skill:
https://github.com/NousResearch/hermes-agent/blob/main/skills/research/llm-wiki/SKILL.mdLLM Wiki gist:
https://gist.github.com/karpathy/442a6bf555914893e9891c11519de94fHow I Use Obsidian + Claude Code to Run My
Life, 2026-02-23 (episode index linking to original video):
https://podwise.ai/episodes/7288813Let Them Run: https://thecognitiveshift.com/publications/let-them-run/Your AI Second Brain Has a Quiet Search Problem, 2026-05-05:
https://thecognitiveshift.com/publications/let-them-run/your-ai-second-brain-has-a-quiet-search-problem/Outrunning the AI Hype Train, 2026-05-20:
https://thecognitiveshift.com/publications/let-them-run/outrunning-the-ai-hype-train/MemGPT: Towards LLMs as Operating Systems, 2023:
https://arxiv.org/abs/2310.08560Generative Agents: Interactive Simulacra of Human Behavior, 2023:
https://arxiv.org/abs/2304.03442HippoRAG, 2024: https://arxiv.org/abs/2405.14831Storage Is Not Memory: A Retrieval-Centered Architecture
for Agent Recall, 2026 preprint: https://arxiv.org/abs/2605.04897Memory as Metabolism: A Design for Companion Knowledge Systems,
2026 preprint: https://arxiv.org/abs/2604.12034From BM25 to Corrective RAG: Benchmarking Retrieval Strategies for
Text-and-Table Documents, 2026 preprint: https://arxiv.org/abs/2604.01733