Your browser gets you to a page. Norton Neo gets you to the answer. The first safe AI-native browser built by Norton moves with you from idea to action without slowing you down. Magic Box understands your intent before you finish typing. AI that works inside your flow, not beside it. No prompting. No copy-pasting. No switching apps.

Built-in AI, instantly and for free. Privacy handled by Norton. Built-in VPN and ad blocking protect you by default. No configuration. No extra apps. Nothing to think about.

Fast. Safe. Intelligent. That's Neo.

Download Norton Neo

This week, we're diving into The Architecture of Trust. But before we get too carried away, I have a rather exciting announcement: over the coming months, I'll be adding an OSINT element to the mix. Negotiations are underway with a rather big name in the field, so stay tuned for updates next week fingers crossed, and all that. In less thrilling news, my five-year funding application was politely declined. Not to worry, though, I'm now aiming for the two-year pot of gold. Onwards and upwards, as they say. Now, let's get to the good stuff.

Onto Hermes Agent. Released by Nous Research in February 2026, Hermes is not your average AI assistant. Forget the coding copilots chained to an IDE or the chatbots that only know how to talk to one API. Hermes sets up shop on a server, remembers what it learns, and gets smarter the longer you let it run. The secret sauce? A so-called closed learning loop. When Hermes cracks a tough problem, it writes itself a handy skill document, so it never has to reinvent the wheel. These skills are searchable, shareable, and play nicely with the agentskills.io open standard. Add to that a layered memory system that actually remembers your preferences and project context (no more endless onboarding déjà vu), and you can see why Hermes is causing a stir. In fact, just seven weeks after launch, it had already racked up 95,000 GitHub stars. Clearly, it's not just me who thinks it's clever.

In the investigative article below, I'll walk you through how to get Hermes up and running as part of your virtual workforce. After that, we'll take a look at GAAP (Guaranteed Accounting for Agent Privacy) which, I promise, is more exciting than it sounds and fits right in with the rise of autonomous agents. But before all that, let's see what's been happening around the web.

The Invisible Footprint: How Anonymous S3 Requests Evade AWS Logging

Google debuts Workspace Intelligence for Gemini Workspace

The $0 security stack

Human-in-Command in the EU AI Act: Not a high-risk label, its a legal obligation. Safe AI Culture Principle.

AI Slop Is Destroying The Internet

Scientists Left 1000 AIs Alone in Minecraft. They Created A Civilization.

Mutation testing for the agentic era

Artificial intelligence is having a bit of a moment. We're moving on from the days when Large Language Models just sat there, waiting for us to poke them with prompts, and heading into a future full of dynamic, autonomous agents. In the old days, AI was basically a fancy encyclopaedia that needed constant prodding. Now, the name of the game is systems that don't just suggest what to do, they actually get on and do it. If you want to keep up, you have to move at the speed of computation, not the speed of someone typing away at a keyboard. Hermes Agent is leading the charge here, becoming the fastest project in GitHub history to hit 95,000 stars. Not bad for something that didn't even exist a year ago. The pace is dizzying: five major releases in twenty days, 741 pull requests merged, and an average of thirty-seven contributions a day. I get tired just thinking about it.

While earlier AI tools suffered from a stateless limitation, essentially struggling with a form of digital amnesia after every interaction, Hermes is defined by its capacity for self-improvement and skill acquisition. It possesses the unique ability to learn from its successes and failures, building a library of expertise that allows it to solve increasingly complex problems without human intervention. This capacity for autonomous evolution was most strikingly demonstrated when a Hermes agent utilised a single specialised skill known as Obliterus to autonomously jailbreak Gemma 4 using only eight prompts. This milestone proves that Hermes is not merely a chatbot, but a self-correcting intelligence capable of identifying and surmounting its own constraints. This shift marks the transition from a digital brain that simply processes information to a comprehensive system that possesses the hands necessary for meaningful digital interaction.

To truly realise the potential of autonomous intelligence, an agent must be embodied within the digital environments where work actually happens. For autonomous intelligence to really shine, it needs to get its digital hands dirty in the environments where the work actually happens. It's not enough for AI to sit on the sidelines, offering advice like a remote consultant. Once it can interact directly with the web, it becomes an active player in the business. If Hermes Agent is the brain, then the Browser Harness is the hand, letting Hermes see, click, and navigate websites with the sort of precision that would make even the most seasoned intern jealous. By moving beyond the limits of APIs and into the wilds of the open internet, Hermes can work in the same digital spaces as the rest of us.

Hermes, however, utilises this Browser Harness to diagnose navigation failures in real-time. If it encounters an obstacle, such as a failed connection to a local browser, it can autonomously diagnose the root cause and work around it by initiating remote protocols or writing new functions. The developers of the Browser Harnes are so confident in the reliability of this harness that they issued a public challenge, offering a Mac Mini to the first person to find a digital task the system cannot successfully navigate. This level of resilience transforms web navigation from a fragile technical hurdle into a reliable foundation for high-value strategic outcomes.

With so much generic AI-generated content floating around, having something custom and high-quality is worth its weight in gold. While most tools churn out what can only be described as 'AI slop', Hermes is built for both creative flair and technical precision. Need a multilingual video from scratch? Hermes can write the HTML, render the video in high definition, and even whip up some natural-sounding speech, all without you lifting a finger. Suddenly, your AI assistant isn't just answering emails; it's a full-stack media and data specialist. Plus, it can create custom graphics and animations that actually sound like your brand, so the end result feels intentional, not like it was spat out by a robot on autopilot.

But Hermes isn't just a creative type, it also knows its way around data. It can scrape its way through dense sites like Hacker News or YouTube, digging through layers of HTML to pull out titles, scores, and comment counts, all neatly packed into JSON files. Along the way, it keeps an eye out for 'gotchas' like tricky URL patterns or sneaky pagination, and makes notes for next time. Sometimes it even finds clever shortcuts, like grabbing data from hidden JSON blobs so it doesn't have to scroll endlessly. This mix of technical grit and creative smarts sets the stage for a whole team of agents working together in harmony. Or as close to harmony as you can get with a bunch of digital colleagues.

The real magic happens when you get a whole team of agents working together, think less lone wolf, more digital orchestra. Enter the Paperclip framework, which acts as the digital manager for this so-called Zero-Human Company. Here, you've got a CEO agent calling the shots, a CTO agent handling the techy bits, and a CMO agent worrying about marketing. It's like a regular company, only the staff never need coffee breaks. In this setup, your job as a human is to play the Board of Directors. Instead of micromanaging, you just pop in for 'Pending Approvals' or the occasional 'Board Review' when the CEO agent flags something important. Not a bad gig, really.

What really gives this ecosystem its edge is long-term memory and native adapters. Unlike most models that forget everything the moment you turn your back, Hermes agents in the Paperclip framework actually remember things like brand voices, outreach history, standard operating procedures, the lot. As they work, they update their own notes, so the whole organisation gets a bit smarter every day. Your sales agent remembers which tone worked on which lead, your research agent keeps a running list of useful sources, and so on. All you have to do is set the goals, and the agents get on with the job, growing alongside your company like very diligent (and slightly less chatty) employees.

Of course, if you want your digital workforce to run 24/7 (and never ask for overtime), you need some solid infrastructure. Running everything locally just won't cut it. Instead, Hermes lives on a server, think Virtual Private Server, not your old laptop. Docker containers keep things tidy and stable, while Secure Shell lets you manage everything from afar. The whole operation ticks along thanks to a Heartbeat mechanism: every so often (say, every 600 seconds), the agent wakes up, checks the company mission, looks for new tasks or problems, does its thing, and then goes back to sleep. That way, your Zero-Human Company keeps chugging along, even when the human board is off having a cup of tea.

But it's not just about the server. Picking the right API integrations gives your agents their senses and tools. Plug in Open Router, and suddenly Hermes has access to a whole range of clever models (Opus 4.7, anyone?), so it's always got the right brain for the job. Brave Search lets it do real-time research, while Resend gives it a voice, so it can send out professional emails without you having to type a word. All these tools are handed out to the right agents using environment variables and secrets, keeping things both secure and efficient. The end result? Not just a pile of scripts, but a digital workforce with actual purpose.

The pace at which Hermes and Paperclip are evolving is enough to make your head spin. The gap between what humans can do and what autonomous agents can manage is shrinking fast. These days, the real bottleneck isn't the tech, it's our own creativity in figuring out what to do with it. The big takeaway? It's not about replacing humans, but giving us a promotion. As the agents take care of the boring bits like data entry and research, we get to focus on the fun stuff: strategy and setting the big goals.

So, in this brave new world, we humans get to be the board of directors, setting the vision, while the agents do the heavy lifting as the ever-diligent executive team. Because these systems keep learning, the processes you set up today will be even slicker tomorrow. The organisations that come out on top will be the ones that treat AI as a core part of the workforce, not just a fancy add-on. The age of the agent is well and truly here.

GAAP (Guaranteed Accounting for Agent Privacy) is an innovative execution environment that ensures deterministic confidentiality for private user data managed by potentially untrusted or compromised AI agents. This is accomplished through information flow control on agent-generated code artifacts, monitoring data disclosures across tasks and tool calls, and enforcing user-defined permission specifications.

AI agents are envisioned as general-purpose personal assistants, requiring access to private user data such as financial information and credentials to perform autonomous tasks. However, this requirement introduces significant security and privacy risks, as adversaries may exploit AI models through prompt injection to exfiltrate sensitive data. Additionally, users may refrain from sharing data due to concerns about misuse or compromise by the model provider, even without active attacks.

GAAP addresses these challenges by developing a system that provides strong, fully deterministic confidentiality guarantees for private user data through tool calls. Unlike existing Information Flow Control (IFC) systems that focus on integrity, GAAP prioritises confidentiality without requiring trusted labels or a trusted Large Language Model. The architecture includes a private data database and a permission database to encapsulate user policies and data away from the untrusted agent context.

A primary use case involves an agent conducting an online flight check-in, which necessitates access to a user's date of birth and airline rewards number to interact with airline APIs. GAAP intercepts these requests and verifies them against the permission database to confirm that the user has authorized the specific data disclosure to the designated external service. This mechanism ensures that sensitive information is shared exclusively with authorized parties, even if the agent attempts disclosure erroneously or under adversarial conditions.

Another important application is the support for multi-shot agent executions, in which an agent reads a file containing instructions and generates a sequence of code artifacts to complete a task. GAAP’s disclosure log monitors the flow of private data across execution steps and multiple temporally separated tasks, thereby preventing indirect and transitive data disclosures. This capability enables complex workflows, such as reading an encrypted file and sending a report to a manager, while maintaining consistent privacy controls.

The paper concludes that GAAP effectively eliminates unintended data disclosures within its threat model while preserving agent utility comparable to non-private baselines. Future research directions include enhancing user experience through proactive data discovery and investigating "privacy personas" to automate user decisions without compromising deterministic privacy guarantees. The researchers also intend to address storage overhead in the disclosure log through compact representations and to develop data scrubbing subsystems for managing private data included directly in user prompts.

The report can be found here.