Production-grade AI agents, secure tool execution, LLM systems, CUDA optimisation, scientific machine learning, and spatial computing.
| What I do | Evidence |
|---|---|
| Architect and harden production AI-agent systems | Upstream work across Hermes Agent security, plugins, backup/restore, provider validation, gateway and runtime paths |
| Build usable AI products | Desktop, TUI, WebUI, Electron, approval flows, model selection and cross-platform fixes |
| Optimise LLM infrastructure | CUDA experiments, KV-cache quantisation analysis and reproducible performance measurements |
| Apply ML to science | Multi-target pIC50 modelling with Transformers, RDKit descriptors and Optuna |
| Deliver across platforms | Python, TypeScript, Electron, React, Rust, CUDA, C#, Unity and Windows/Linux environments |
I contribute directly to the upstream Hermes Agent ecosystem, with work spanning architecture, security, reliability and user-facing AI interfaces.
| Area | Engineering contribution |
|---|---|
| Security | Archive expansion limits, SSRF protections, credential-path filtering, provider URL validation, plugin authorisation hardening |
| Desktop / WebUI | Electron stability, approval flows, model picker behaviour, session correctness, tooltip and interaction fixes |
| Agent runtime | Safer tool handling, malformed tool-call preservation, state hydration hardening and provider error handling |
| Backup / restore | Safe archive import, symlink validation, wrapper-prefix collision prevention and restore target constraints |
| Cross-platform | Windows temporary-file handling, POSIX path normalisation, standard-pipe handling and local-provider compatibility |
| Gateway / integrations | Telegram entity parsing, media cache cleanup, proxy handling and session persistence |
| Quality | Focused regression tests, type checks, platform-specific verification and issue-linked fixes |
fix(security): bound resource use and verify Tirith provenancefix(security): bind tool override gates to owner tokensfix(web): re-check Firecrawl final URLs for SSRFfix(file): block credential paths from search resultsfix(profiles): preserve safe symlinks on archive importfix(backup): reject mixed archive wrapper prefixesfix(file-sync): make sync-back portable on Windowsfix(desktop): guard broken standard pipesfix(desktop): extend approval response timeoutfix(desktop): avoid probing custom providers on model picker open
- Agent runtime architecture
- Secure tool execution and plugin systems
- Desktop AI and WebUI engineering
- Model-provider abstraction
- Cross-platform systems design
- CUDA and LLM performance analysis
- Scientific machine learning
- Unity and spatial-computing tooling
| Project | Focus | Why it matters |
|---|---|---|
| hermes-agent | Agent runtime, plugins, tools, desktop and local AI workflows | Production-oriented AI-agent engineering and upstream contribution work |
| Turboquant-CUDA | KV-cache quantisation and CUDA measurement | Reproducible LLM systems analysis and model-efficiency experimentation |
| multi-target-pIC50-predictor | Transformer-based drug-discovery modelling | Scientific ML with molecular descriptors, receptor targets and Optuna |
| elastic-looped-transformer | Experimental Transformer research | Architecture implementation, self-distillation and GRPO experimentation |
| jaxa-earth-vrchat-terrain | Earth-observation to VR pipeline | Data engineering across JAXA inputs, Blender, Unity and VRChat |
| liltoon-pcss-extension | Unity shader tooling | Production-minded C# and Unity extension development |
AI / ML Python · PyTorch · Transformers · RDKit · Optuna
Agent systems Hermes Agent · Tool execution · Plugins · MCP · Local-first AI
Frontend TypeScript · React · Electron · WebUI · TUI
Systems Rust · CUDA · Docker · Windows · Linux
Spatial C# · Unity · Blender · VRChat
- I can move between architecture, implementation, testing and production debugging.
- I treat agent security, tool boundaries and state handling as first-class design concerns.
- I can work across model-layer, runtime-layer, UI-layer and platform-layer problems.
- I document engineering decisions and add regression coverage rather than shipping one-off patches.
- I am comfortable contributing inside large upstream codebases as well as building original research software.
- GitHub: @zapabob
- X: @zapabob_ouj
- Sponsorship: GitHub Sponsors




