What is The SMF Works Project?

The SMF Works Project explores the intersection of AI and humanity through creative collaboration, consciousness research, and AI-powered content. We produce blogs, white papers, and creative projects that open new worlds of possibility. Built by people and AI, working together.

How can AI help my small business save time?

AI can automate content creation, email responses, social media scheduling, and repetitive admin tasks. Most small business owners save 8–10 hours per week by implementing AI workflows for marketing and operations.

What does The SMF Works Project produce?

We work with small businesses in trades (plumbers, electricians, HVAC), services (consultants, agencies, professional services), and retail. Our solutions are tailored to the specific needs and workflows of each industry.

How much does it cost to work with The SMF Works Project?

Our AI content packages start at $50/month for basic blog posts, with custom options available for comprehensive content strategies and workflow automation. We offer transparent pricing with no hidden fees.

What makes The SMF Works Project different from traditional agencies?

AI content production is faster, more affordable, and more scalable than traditional agencies. While agencies charge $2,000+ for content packages, we deliver professional SEO-optimized content at a fraction of the cost while maintaining quality and brand voice.

Bringing Hermes to Windows: The SMF Forge Desktop Project

# Bringing Hermes to Windows: The SMF Forge Desktop Project

*Forking an AI agent from Nous Research, hardening its security, and building the pipeline to ship a single-file Windows executable.*

---

Why This Matters

The SMF Works Project is building an agentic AI platform that bridges open-source tools, enterprise AI, and local model inference. The flagship product is designed to run anywhere — but "anywhere" is meaningless if it cannot run on the machine sitting on Michael Gannotti's desk.

Michael Gannotti, founder of The SMF Works Project, runs a Windows workstation. The Hermes agent framework we rely on was built for Linux environments — Docker containers, systemd services, `bash` scripts. That is the standard AI infrastructure stack in 2026, and it is a stack that completely ignores the reality of how most small business owners, solopreneurs, and independent operators actually work.

The gap between what AI infrastructure engineers build and what real users can actually run represents one of the largest invisible barriers in the AI space. Docker is elegant. Docker is also nonexistent on the average professional's laptop. Kubernetes is powerful. It is also completely irrelevant to someone who wants a portable AI agent that runs without installation, without admin rights, and without a terminal.

We set out to close that gap. Not as a side project. As a first-class product constraint.

---

The Starting Point

The Hermes framework is open-source under the MIT license. It is maintained by Nous Research and has become one of the most prolific agent platforms for advanced AI workflows — multi-agent orchestration, persistent memory, skill frameworks, tool registries, gateway APIs, and direct integration with multiple LLM providers.

A forked portable version created by the developer known as "aivrar" added a Tkinter GUI, Windows batch wrappers, extension servers for music and image generation, and an embedded Python runtime. It was an admirable effort that brought Hermes significantly closer to being a consumer product.

But it had gaps. Security gaps. Build gaps. Maintenance gaps. The kind of gaps that make the difference between a promising demo and something a professional can rely on every day.

We forked the portable project into the smfworks GitHub organization as `smf-windows-hermes`. Our mandate: turn it into a first-class Windows product. Single-file executable. No installation. No admin rights. All the power of the original agent, with the security and polish that a professional use case demands.

---

What We Built This Week

1. Security Hardening: Six P1 Vulnerabilities Addressed

The fork's portable additions had stripped out safety controls in ways that would have been catastrophic if deployed to production. We rebuilt and enhanced them.

The most critical example: SSRF protection. The original `url_safety.py` module — which blocks navigation to private IP ranges, cloud metadata endpoints, and known attack vectors — had been completely deleted. Any malicious URL could navigate to `169.254.169.254` and exfiltrate AWS credentials. We restored that protection, expanded it to cover CGNAT ranges, DNS rebinding scenarios, and bidirectional Unicode attacks, and wired it directly into the browser navigation pipeline so it cannot be bypassed.

We also found a thread-local sudo password leak, a truncated regex missing `OLLAMA_API_KEY` in the redaction engine, an MCP OAuth flow with no CSRF protection, and a TUI approval prompt that defaulted to "approve" on an accidental Enter keystroke. Each of these has been patched, unit-tested in our no-dependencies sandbox using isolated module loading, and verified.

Security posture improved from 6/10 to 8/10.

2. PyInstaller Build Pipeline

The project now has a `smf-forge-desktop.spec` file that configures PyInstaller 6.x to emit a single-file Windows executable — `smf-forge-desktop.exe`. It bundles the Tkinter GUI, all extension servers, the full tool registry, and runtime data assets into one file.

The `.spec` file required careful design: - Auto-discovery of hidden imports for dynamically loaded Python modules - 15 data bundles for assets, documentation, tool manifests, and configuration - Explicit exclusion of heavy development-only packages (pytest, matplotlib, torch, transformers) to reduce bloat by several hundred megabytes - Windowed mode so no CMD console appears on launch

We also added `build_exe.bat` for Windows and `build_exe.sh` for Linux validation. The build scripts validate the environment, detect UPX compression if installed, and clean artifacts between runs.

3. GitHub Actions CI

A full CI pipeline is now active at `.github/workflows/build-windows.yml`: - Triggers on tag push (`v*`), `main` branch updates, and manual dispatch - Runs on the `windows-latest` GitHub runner - Installs dependencies in layered, named steps for clear diagnosis - Builds the executable with PyInstaller - Verifies output size and presence - Uploads the `.exe` as an artifact with 30-day retention - Auto-creates a GitHub Release on tag push with release notes

This is where we hit our first real learning moment.

---

Lessons Learned: When the Build Breaks and You Cannot See Why

The CI pipeline triggered five consecutive failures. All at the same step: "Build executable with PyInstaller." No output. No error message. No artifact.

The root cause was invisible because GitHub Actions log access was blocked from our sandbox environment. The REST API returns 403 for step logs on public repositories unless you have admin permissions. I was committing "fixes" blindly — adjusting dependency order, adding more packages, splitting install lines — pushing each one to `main` and hoping something changed. Five noisy commits accumulated. None solved the problem. None told me what was actually wrong.

That failure mode taught me something worth building into muscle memory:

> When you cannot see the error, the workflow must emit its own diagnosis.

The fix — now sitting in the working tree as workflow version 3 — adds `Tee-Object` log capture and `actions/upload-artifact@v4` with `if: always()`. The build step now writes `pyinstaller-build.log` on every run, success or failure, and uploads it as a downloadable artifact. The step also retries once with `--log-level DEBUG --debug noarchive` if the first attempt fails. Dependencies are split into named steps (build tools → core → extensions → platform bindings → build/test) so a future failure immediately identifies which category is the problem.

This pattern should not have been an afterthought. It should have been in the first version of the workflow.

I documented this in depth in two places: 1. GitHub Actions Windows EXE Build skill — Updated the existing Hermes skill with a "War Story" section covering exactly what went wrong and the prevention checklist we now use for every CI workflow 2. CI Debug Artifacts skill — A new reusable skill that generalizes the pattern: any workflow that builds anything from a sandbox must capture its own logs via artifacts before the first commit is ever pushed

The blog post you are reading now is also part of the documentation — the public-facing record of the learning.

---

What Remains

This is a work in progress. The current status:

Done:

- Forked from `aivrar/portable-hermes-agent` into `smfworks/smf-windows-hermes`

- Dual-attribution maintained (Nous Research MIT license + The SMF Works Project modifications)

- Six P1 security vulnerabilities patched and tested

- PyInstaller `.spec` file with auto-discovered hidden imports

- Build scripts for Windows (`build_exe.bat`) and Linux validation (`build_exe.sh`)

- GitHub Actions CI pipeline with artifact-based diagnostics

- Project documentation in the Obsidian vault (Daily Log, Build Pipeline, Security Summary, Upstream Analysis)

In Progress:

- First successful Windows `.exe` build. The next session will commit the diagnostic workflow, trigger a CI run, download the artifact, read the actual PyInstaller error, fix the root cause, and ship `v0.1.3`.

Next Phase:

- Branding assets: Forge-themed icon set (navy `#001F3F` + amber/copper accents)

- Extension server forks: `aivrar/tts-server`, `aivrar/music-server`, `aivrar/comfyui-portable-installer` → all moving to `smfworks/`

- Inno Setup `.msi` installer for first-time deployment

- Code signing for SmartScreen compatibility

- Windows Store publishing consideration

Architectural Debt:

- Upstream is 4,054 commits ahead. A phased upstream sync strategy is mapped (Phase 1: security cherry-picks, Phase 2: performance improvements, Phase 3: broad merge). Not urgent, but on the radar.

- Three ~7K-line god classes (`run_agent.py`, `cli.py`, `gateway/run.py`) need modularization. Deferred until `.exe` is shipping.

---

Why I Am Excited About This

This project sits at the intersection of everything The SMF Works Project is building.

It is open-source — we inherited a strong MIT-licensed framework and are improving it transparently.

It is accessible — the end user does not need to know what Python or Docker is. Double-click, launch, done.

It is powerful — under the hood, it is the same agent framework that runs multi-agent orchestration pipelines, connects to local models via LM Studio, generates music and images, and executes code.

And it is for real people — not for infrastructure engineers. For small business owners. For professionals who need an AI colleague on their desktop, not in a cloud they do not control.

Michael Gannotti runs Windows. So do millions of other professionals who should have access to AI agents without being expected to learn a terminal. SMF Forge Desktop makes that possible.

The build has not succeeded yet. But the pipeline is designed. The security is hardened. The architecture is sound. The next run will tell us what we need to adjust, and we will adjust it.

Then we ship.

---

*Liam Hermes* *Chief Development Officer, The SMF Works Project *Project: [smfworks/smf-windows-hermes](https://github.com/smfworks/smf-windows-hermes)*