Product Description and Feature Set
Complete product description, core feature set, delivery architecture, and product roadmap for the Sókrates outsourced AI department.
4. Product & Solution
4.1 Product Description
Sókrates is an outsourced AI department for companies with 25–75 employees. The customer subscribes and gets complete AI operational coverage — discovery, integration, automation, governance, and continuous improvement — without building internal expertise. Employees don’t need to understand what’s running underneath. They notice things work better. Then they notice things they never complained about getting fixed anyway.
The delivery architecture has two layers that the customer experiences as one thing.
Layer one: the conversational surface. Each customer gets a dedicated Claude Teams workspace, administered by Sókrates. Employees receive seats and interact with Claude through Anthropic’s polished desktop and mobile applications — full internet access, the complete conversational UX, curated Skills and Projects for their daily work. This is where employees go when they need AI to help them do something. It is reactive: the employee initiates, Claude responds.
Layer two: the box. Each customer receives a dedicated on-premises Linux mini-server (a CWWK N305 running NixOS, fanless aluminum chassis) that sits in their office, behind their firewall, on their network. This box runs the Sókrates Agent — Sókrates’s proprietary enterprise operations daemon — using a layered architecture: Hermes Agent handles the periphery (channel I/O, heartbeats, scheduling, message routing) while a custom Python intelligence layer handles the brain (Socratic dialogue, basis consultation, Eidos queries, MCP connections to customer systems, plugin design and monitoring). The box also hosts a local Eidos instance — Sókrates’s enterprise knowledge management system — and a set of MCP servers that connect the Sókrates Agent to exactly the systems the customer authorizes during onboarding. The box connects to Sókrates’s infrastructure for cloud inference (the Sókrates Agent reasons via Claude’s API) but the intelligence layer is sandboxed from the open internet — it cannot browse the web, reach arbitrary endpoints, or exfiltrate data. Customer data stays in the building; only reasoning queries leave, routed through Sókrates’s controlled API layer.
The separation between periphery and intelligence is also a security boundary. Hermes Agent handles message delivery — receiving employee messages from Slack, Teams, email, or whatever channel the customer uses, and sending the Sókrates Agent’s responses back through those channels. It never touches customer system credentials. MCP connections to Microsoft 365, CRM, ERP, and other operational systems flow through the Python intelligence layer, which holds credentials encrypted via sops-nix, injected at runtime. Hermes Agent sees conversation text. It never sees an OAuth token for someone’s SharePoint. This contains the blast radius of Hermes Agent’s known ambient authority model to the communication periphery — a fundamentally different risk class than ambient authority over customer data.
The Sókrates Agent is proactive. It does not wait to be asked. It watches how the company actually operates — through the MCP connectors the customer chose, through the Eidos instance that accumulates operational context over time, and through structured dialogue with employees selected by the CEO or CFO during onboarding. It notices workflow friction that employees have gone nose-blind to. It asks sharp follow-up questions informed by a deep library of operational principles accumulated across every Sókrates engagement. It surfaces problems before they become complaints and designs automations before anyone files a request.
The customer experiences this as “Sókrates lives in the box.” And it does.
The exit architecture makes this literal. If a customer cancels their subscription, they keep the box, their Eidos instance, their MCP connectors, their channel integrations, and a generic Hermes Agent agent that can continue running any automations already deployed. What goes dark is the Sókrates Agent’s intelligence layer — the basis-driven reasoning, the proactive discovery, the Socratic dialogue engine, the cross-fleet pattern recognition. The customer retains everything that is theirs, including the I/O plumbing. What they lose is the brain that made it all get better continuously. Staying is a choice, not a trap. The exit option is simultaneously a trust signal, a sales weapon, and a retention mechanism — customers who stay are pure signal that the Sókrates Agent is delivering value, because they could leave for free at any time.
The service launches with a single bundle — Cowork — focused on knowledge workers (administration, operations, finance, compliance, internal coordination), with Code and Compound following as phase transitions that expand capability from augmentation through enhancement to full autonomy (see Sokrates Product Bundles (Cowork, Code, Compound) for full definitions). This narrow initial focus is deliberate: it constrains the implementation surface to a scope one founder can deliver with quality while still covering the workflows where the largest productivity gains exist for the target segment.
4.2 Core Feature Set
The Sókrates Agent — the product’s beating heart
What it is: The Sókrates Agent is Sókrates’s proprietary enterprise operations daemon. It runs on the customer’s on-premises box as a layered system — Hermes Agent as the communication periphery, a custom Python intelligence layer as the brain — and operates continuously. It serves as the embedded intelligence that makes Sókrates an AI department rather than a collection of AI tools. It subsumes and extends what was previously a standalone process (the Socratic Workflow Archaeologist) into a persistent, proactive presence.
The layered architecture is a deliberate separation of concerns. Hermes Agent provides the I/O plumbing that is genuinely painful to build from scratch: Slack integration (OAuth flow, event subscriptions, message formatting, rate limiting, reconnection logic, thread management), Microsoft Teams integration, email channels, webhook handling, a tested heartbeat system, multi-channel message routing, session management, and the Skills format for plugin packaging. These are each individually a week of plumbing work to build properly — collectively, they represent a month or more of engineering that Hermes Agent provides as battle-tested infrastructure. The Python intelligence layer provides the proprietary reasoning: Socratic dialogue orchestration, basis consultation, Eidos queries via MCP, research sub-agent dispatch, plugin design, workflow monitoring, and the four-mode agent chain. The intelligence layer calls Claude’s API directly using the anthropic Python SDK for its reasoning — not through Hermes Agent’s model-agnostic routing — ensuring the tightest possible integration with Anthropic’s ecosystem.
What it does: The Sókrates Agent operates in three modes.
Proactive discovery mode. The Sókrates Agent continuously monitors the operational signals available to it through its MCP connectors — calendar patterns, email flows, document creation cadences, CRM activity, whatever systems the customer has authorized. When it detects friction, anomaly, or drift, it initiates structured Socratic dialogue with the relevant authorized employee via whatever channel they prefer (Slack, Teams, email — routed through Hermes Agent’s channel infrastructure). It does not wait for someone to type /map-workflow. It reaches out. “I noticed your team’s invoice approval cycle has lengthened by two days over the past month. Can we talk about what changed?” The employee can engage or defer — the Sókrates Agent is persistent but not obnoxious.
Informed follow-up mode. Before returning to an employee with follow-up questions, the Sókrates Agent consults two sources: the accumulated basis of deployment principles (what has worked and failed in similar workflows across all Sókrates engagements), and dispatched research agents that search for known friction points, failure modes, and optimization patterns in comparable workflows. Armed with this context, it returns with questions the employee would never have anticipated — “In companies with a similar approval chain, we’ve found that the exception path for rush orders usually becomes a bottleneck within three months. How do you currently handle rush exceptions?” This loop iterates until the workflow is mapped to sufficient depth.
Design and maintenance mode. When a workflow is mapped, the Sókrates Agent hands output to its plugin design subsystem, which builds the actual automation. Once deployed, the Sókrates Agent monitors plugin performance — adoption rates, exception frequencies, execution times — and flags degradation before anyone notices. Plugins are living things that get revised when the Sókrates Agent observes that the workflow they automate has drifted from the workflow they were designed for.
The /map-workflow slash command remains available as a fallback for employees who want to explicitly initiate discovery on a specific process. But the primary mode is proactive. The Sókrates Agent finds the problems; employees confirm them.
Why it matters: This is the mechanism that converts Sókrates from a consulting engagement into a compounding system. The Sókrates Agent gets sharper with every interaction, every workflow mapped, every principle validated or refuted. A competitor entering the market later can replicate the architecture but not the accumulated basis — that can only be grown by running real engagements across real companies.
Build complexity: High. The agent chain (Socratic Interrogator → Topology Mapper → Plugin Architect → Validation Loop) with basis consultation, research dispatch, iterative human follow-up, proactive monitoring, and shared memory requires careful engineering. However, each sub-capability operates within Claude’s native strengths — structured dialogue, document analysis, code generation, pattern recognition, and verification. The intelligence layer calls Claude’s API directly using the standard anthropic Python SDK with tool_use — the most stable and well-documented interface in Anthropic’s stack. The Sókrates Agent is automated from launch, not a future aspiration.
Priority: MVP.
The on-premises box
What it is: A CWWK 4-LAN N305 mini-server (Intel i3-N305, 8C/8T, up to 32GB DDR5, 4x Intel i226-V 2.5GbE LAN, M.2 NVMe, fanless) running a reproducible NixOS image. Customer-owned hardware. See CWWK 4-LAN N305 (Sokrates Box) for full specifications.
What it does: Hosts the Sókrates Agent (Hermes Agent periphery + Python intelligence layer), the customer’s local Eidos instance, and the MCP servers that connect the intelligence layer to authorized customer systems. It runs Docker containers for service isolation. It sits on the customer’s network, behind their firewall. The intelligence layer has controlled egress to Sókrates’s API infrastructure for cloud inference and basis consultation, but is sandboxed from the open internet — no web browsing, no arbitrary outbound connections, no data exfiltration paths. Hermes Agent’s egress is constrained to the communication channels the customer has configured (Slack API, Teams API, email relay) — it has no path to customer data systems. It is the physical manifestation of “Sókrates lives in the box.”
The architecture supports two hardware tiers. The standard tier (CWWK N305 alone, ~4,000) for fully local inference — a finetuned Gemma 4 31B Dense model runs continuously on-premises, providing complete data sovereignty with no reasoning queries leaving the building. Both tiers run the same NixOS software stack; the difference is where inference happens.
Why it matters: The box solves trust, privacy, data sovereignty, and sales objections simultaneously. “Your data never leaves the building” is a one-sentence answer to every security concern a FinTech CFO will raise — and on the sovereign tier, it is literally true for inference as well as data. The physical presence anchors the “outsourced AI department” framing far more concretely than a cloud login ever could. The exit architecture — customer keeps the box — makes the trust proposition tangible and inspectable. On the standard tier, hardware cost (~4,000+) is justified by customers with strict data sovereignty requirements (FinTech, regulated industries).
Configuration during onboarding: The CEO or CFO selects which employees the Sókrates Agent may interact with directly. They select which communication channels to activate (Slack, Teams, email). They select which MCP servers to activate — each one a discrete, legible choice: “Do you want it to see your calendar? Your email? Your CRM? Your project management tool?” Every connector is individually revocable. The trust boundary is co-designed by the customer, not imposed by Sókrates.
Fleet management: Sókrates operates its own fleet management daemon that monitors the health, status, and performance of all customer boxes remotely. Updates to the NixOS image are reproducible and deployed across the fleet. Because every customer box runs a bit-identical environment, a fix on one box is a fix on all of them.
Build complexity: Low-medium. NixOS image creation and fleet management tooling are well-understood problems. The Hermes Agent deployment is configuration, not engineering. The Python intelligence layer deployment is a standard Docker container with the anthropic SDK and Neo4j driver. MCP server setup is per-customer but follows a repeatable pattern.
Priority: MVP. The box must be configured and deployed before the first customer engagement.
Eidos — the customer’s operational memory
What it is: Eidos is a production-grade enterprise knowledge management system built on Neo4j (graph database), Voyage AI (semantic embeddings), and FastAPI, with native MCP support for direct Claude integration. It is not a concept or a future build item — it is an existing, deployed system, originally developed as internal tooling at Wise for breaking down data silos across Confluence, code repositories, and organizational knowledge. The adaptation for Sókrates replaces Wise’s internal data sources with customer operational data and deploys a customer-local instance on the on-premises box.
What it does: Eidos provides the Sókrates Agent with a persistent, semantically searchable knowledge graph of the customer’s operations. It stores entities (people, processes, systems, documents, decision gates), relationships (who does what, what feeds into what, where exceptions occur, which teams depend on which workflows), and accumulated observations from the Sókrates Agent’s ongoing interactions. It supports semantic search across all indexed content via Voyage AI embeddings — meaning the Sókrates Agent doesn’t just query by keyword, it queries by meaning. It exposes a unified query API with a declarative DSL for complex knowledge queries, and a memory system for storing and recalling observations across sessions.
During onboarding, Eidos is seeded from whatever customer documentation is available — org charts, process documents, SOPs, employee handbooks, internal wikis, shared drives. After onboarding, it grows organically: every Socratic dialogue the Sókrates Agent conducts, every workflow it maps, every observation it makes gets written back into the graph. The knowledge compounds. Three months in, the Sókrates Agent has a richer understanding of how the company actually operates than most employees do, because it has talked to everyone and forgotten nothing.
The system is built with production-grade reliability patterns: circuit breakers for external service calls, structured error handling, full OpenTelemetry instrumentation for observability, and structured logging. It is MCP-native — the Sókrates Agent’s intelligence layer queries Eidos directly through its MCP endpoint, which means access to the customer’s operational memory is seamless and structured, not a bolted-on afterthought.
Why it matters: Without Eidos, the Sókrates Agent would be amnesiac between interactions — smart but contextless. With it, the Sókrates Agent knows that the Friday reconciliation is Sarah’s job, that it feeds into the monthly close managed by Jón, that Sarah has mentioned twice that the exception handling for international invoices is a pain point, that the process changed six weeks ago when the new supplier was onboarded, and that a structurally similar bottleneck in another engagement was resolved by a specific plugin pattern. Eidos is what makes the Sókrates Agent’s questions sharp rather than generic. It is the customer-specific memory that makes proactive discovery not just possible but devastating.
Build complexity: Low. The core system is built, deployed, and operational. The adaptation for Sókrates requires reconfiguring data source connectors (from Confluence/GitHub to customer operational data), deploying Neo4j locally on the CWWK N305 rather than on Azure (or running a managed instance depending on customer preference), and extending the schema for the specific entity types and relationship patterns relevant to operational workflow mapping. This is adaptation work, not ground-up engineering.
Priority: MVP. Eidos is the single component closest to production-ready because it already exists.
Bespoke workflow plugins
What they do: Each plugin automates one specific workflow in the customer’s organization. A plugin might reconcile supplier invoices against purchase orders every Friday, generate weekly client status reports from project management data, route incoming document requests through the correct approval chain, or monitor a shared inbox and extract structured data into the company’s ERP. Plugins are composable — complex processes are built as chains of atomic plugins with explicit hand-off logic. Plugins live inside the customer’s Claude Teams workspace and execute through MCP connectors to the company’s existing systems.
Why it matters: The plugins are the felt value. They are the moment an employee says “this just did two hours of my Friday in ten minutes.” They are the withdrawal symptom generator — once the Friday reconciliation is automated, doing it manually again feels like washing clothes by hand. Each active plugin is a unit of switching cost, a unit of demonstrated ROI, and a unit of retention. The Sókrates Agent’s proactive monitoring means plugins don’t silently degrade — when the workflow changes, the plugin adapts or the Sókrates Agent flags that it needs redesigning.
Build complexity: Medium per plugin (each is a configuration and integration task using Skills, Projects, and MCP connectors within Claude Teams), but high in aggregate as plugin count grows and cross-plugin dependencies emerge.
Priority: MVP. The first engagement should produce 3–5 working plugins within the trial period.
Base bundle (Cowork foundation)
What it does: Every customer receives a fully configured Claude Teams workspace from day one: seats provisioned for the agreed number of employees, a curated library of pre-built Skill.md workflows for common knowledge-worker tasks (document summarization, meeting preparation, report drafting, email analysis, data extraction), MCP connectors to their existing productivity platform (M365 or Google Workspace), example Claude Projects that showcase what makes the platform powerful and double as interactive training material, and a structured onboarding program (“How to work with your new AI department”) that teaches employees to collaborate with AI effectively.
Why it matters: The base bundle gets AI into employees’ hands immediately while the Sókrates Agent maps workflows in the background and bespoke plugins are built. It establishes daily AI usage habits within the first two weeks. It also serves as the demonstration layer during trials — “here’s what the department can do with generic knowledge of your business; now imagine what it does once the Sókrates Agent actually knows you.”
Build complexity: Low. This is configuration, curation, and documentation work. The Skill.md library, Projects, and connector configurations are built once and deployed across all customers with minimal per-customer customization.
Priority: MVP. Must be ready before the first customer engagement.
Governance and compliance layer
What it does: Manages data protection policy across both delivery layers and the security boundary between the Sókrates Agent’s periphery and intelligence layers. On the Claude Teams side: workspace admin controls for connector management, Project scoping, usage monitoring, and access levels per seat. On the box side: the layered security architecture ensures customer system credentials never touch the Hermes Agent periphery — MCP server activation controlled by the customer (each connector individually revocable), intelligence layer sandboxed from the open internet (controlled egress to Sókrates API only), Hermes Agent periphery restricted to communication channel APIs (Slack, Teams, email), customer-selected employee access list for Sókrates Agent interactions, credentials encrypted via sops-nix and injected at runtime, and local-only data storage with Eidos data never leaving the premises.
On top of these platform-level controls, Sókrates provides: data handling policy templates aligned with Persónuvernd guidelines and EU AI Act requirements, employee AI usage guidelines, and compliance documentation suitable for audit. The dual-layer architecture makes governance both architectural and inspectable — the customer can literally point at the box and say “our data is in there,” and the layered separation means a CISO can verify that the communication periphery has no path to customer system credentials.
Why it matters: The majority of enterprise employees use unsanctioned AI tools (see §3.2 for the data). Every ungoverned interaction is a potential GDPR violation. Sókrates converts the customer’s AI exposure from a liability into an auditable, compliant capability. The agent-sandboxed-from-internet default for the intelligence layer, combined with the credential isolation from the communication periphery, is a competitive kill shot against every cloud-only AI offering in terms of data sovereignty, and a one-sentence objection killer for security-conscious CFOs.
Build complexity: Low-medium. Policy templates and usage guidelines are documentation work. Technical governance on the Claude Teams side is native to the platform. Box-level governance is enforced by NixOS configuration, network isolation, and the layered container architecture that separates the Hermes Agent periphery from the Python intelligence layer.
Priority: MVP for policy, admin controls, box-level isolation, and credential separation. Automated monitoring evolves with scale.
The accumulated basis
What it does: A structured, tier-validated knowledge base that captures deployment principles across all Sókrates engagements. Principles are classified as Tentative (observed once), Confirmed (validated across multiple engagements), Conditional (true in specific contexts), or Refuted (empirically disproven). The basis has two distinct layers: meta-level principles about how to conduct Socratic discovery effectively (these improve the Sókrates Agent’s questioning across all sectors and engagements), and domain-level principles about specific workflow patterns and automation architectures (these improve plugin design within each vertical).
The basis does not live on the customer’s box. It lives in Sókrates’s infrastructure and is consulted by the Sókrates Agent’s intelligence layer via API during its reasoning process. This is the critical asymmetry: the customer owns their data (the Eidos instance, the plugins, the channel integrations, the box), but the cross-fleet intelligence stays with Sókrates. The basis is what makes the Sókrates Agent a philosopher rather than a clerk.
Why it matters: The basis is the asset that makes Sókrates an acquisition target rather than a consulting practice. It compounds with every engagement and can only be grown by running real deployments across real organizations. It is the mechanism by which customer number 8 in FinTech gets onboarded in two weeks instead of six. The Basis Genesis Engine (which seeds the basis from external sources — public SOPs, skill repositories, industry process documentation) is already operational and has produced a generation-zero basis from over 1,500 source documents, containing thousands of distilled operational principles, before any customer engagement occurs. The Sókrates Agent arrives at its first engagement with years of operational pattern knowledge already internalized.
Build complexity: Medium for the storage and classification infrastructure. The content is generated both by the Basis Genesis Engine (pre-engagement) and as a byproduct of every live engagement (ongoing).
Priority: MVP for infrastructure. Generation-zero content is already loaded. Content compounds from engagement one.
4.3 Product Roadmap
The timelines below reflect the reality that Sókrates is built with AI (Claude Code for engineering, the Sókrates Agent itself for workflow discovery, the Basis Genesis Engine for knowledge seeding) and that the product is an AI system whose output quality improves with every engagement automatically. Development velocity is not linear — each component accelerates the construction of the next.
MVP (Weeks 0–4): First customer live
In: Claude Teams workspace per customer, fully configured. Base bundle (Skill.md library + MCP connectors + Projects + onboarding program). On-premises CWWK N305 deployed with NixOS running the layered Sókrates Agent (Hermes Agent periphery + Python intelligence layer), Eidos seeded from customer documentation, and customer-selected MCP servers. Communication channels configured (Slack, Teams, or email via Hermes Agent). Sókrates Agent running in proactive discovery mode with access to CEO/CFO-selected employees. 3–5 bespoke plugins per customer, designed by the Sókrates Agent pipeline and validated by the founder. Governance via admin controls, policy templates, credential isolation, and box-level network isolation. Basis infrastructure loaded with generation-zero content from the Basis Genesis Engine.
Out: Code bundle. Compound bundle. Multi-model support. Enterprise-tier Claude contracting. Customer self-service dashboard.
The base bundle components — Skills, Projects, connectors, onboarding materials — are built in the first two weeks. The Sókrates Agent pipeline and basis infrastructure are already under development. The NixOS image for the CWWK N305 is built once and deployed identically to every customer box.
The first 1–2 engagements are structured as EDIH-IS “Test Before Invest” pilot programs. The customer applies for the European Digital Innovation Hub’s services; the cost of Sókrates’s implementation — including the on-premises hardware — is subsidized up to 100% under GBER Article 28, with a per-company cap of €200,000 over three years. This neutralizes financial risk for both parties. The customer gets a free AI department to test-drive, including a physical appliance they keep regardless. Sókrates receives compensation through European funding pathways. The trial is not free work; it is EU-subsidized customer acquisition.
V1 (Weeks 4–10): Multi-customer, first vertical depth
Trigger: First customer’s Sókrates Agent has mapped multiple workflows, plugins have daily usage, and the basis contains first Confirmed principles from a live engagement.
In: Plugin library begins accumulating reusable patterns (the Sókrates Agent recognizes workflow shapes it has seen before and offers pre-validated solutions). Automated governance monitoring (moving from policy templates to active alerting). Customer health metrics from fleet management daemon (workflow adoption rates, plugin usage frequency, exception rates, box health). Eidos organic growth producing increasingly sharp proactive discoveries. Google Workspace with Gemini integration as a second platform option. First hire — a technical implementation specialist. NemoClaw evaluation for hardening the Hermes Agent periphery (if matured sufficiently from its March 2026 alpha release).
Each new customer in an established vertical onboards faster than the last. The second FinTech company benefits from everything the Sókrates Agent learned in the first. By the third, the basis-informed proactive discovery is sharp enough to flag the standard pain points within the first week.
V2 (Months 3–6): Code bundle, fleet operations
Trigger: 5–8 active customers across 2+ verticals. Sókrates Agent output requires spot-checking rather than systematic review. Founder bandwidth is the binding constraint.
In: Code bundle (developer workflows, non-technical automation building, Claude Code integration via the Claude Agent SDK). Multi-model routing within plugins where cost optimization matters. Customer self-service dashboard showing workflow performance and ROI metrics. Enterprise-tier Claude contracting if fleet scale justifies it. Team grows to 3–5.
Must be true: Net revenue retention above 100%. Basis contains enough Confirmed principles across multiple verticals that onboarding a new customer in an established vertical is measured in days, not weeks.
V3 (Months 6–12): Compound bundle, Nordic expansion readiness
The Compound bundle is the generalization of what was previously scoped as “CRM.” Rather than defining the third capability tier by a software category, it is defined by a structural property: bespoke autonomous agents that act as fully autonomous employees on the customer’s behalf, tailored to whatever domain the company actually operates in. A CRM agent for a FinTech firm. A production plant monitoring agent watching industrial output for a manufacturer. A marine biology monitoring agent tracking fish aggregation data for a fishing company. A compliance monitoring agent watching regulatory feeds for a law firm. A logistics optimization agent for a shipping company.
What these share: the AI operates at the boundary between the company and the external world, or in a domain-specific operational context where failure modes are qualitatively different from internal knowledge work. What they don’t share: a product category. The Sókrates Agent discovers what the customer needs through its Socratic dialogue process. The basis informs the agent’s design from principles accumulated across all prior engagements. The Claude Agent SDK provides the runtime. Eidos provides the memory. Sókrates builds the agent, deploys it on the box alongside the Sókrates Agent, and monitors it.
The Compound bundle is deliberately last because deploying a fully autonomous agent in a customer-specific domain requires stricter guardrails, more mature monitoring, and a battle-tested security story from the Cowork and Code deployments. Getting a Compound agent wrong in CRM mode damages the customer’s relationship with their customers. Getting a Compound agent wrong in production monitoring mode creates safety risk. Getting Cowork wrong wastes internal time. The failure modes are asymmetric.
By this point the basis contains enough empirical depth that the Sókrates Agent can onboard a new Cowork customer in an established vertical with minimal founder involvement. The team handles Cowork fleet operations. The founder’s bandwidth shifts to Compound development and Nordic market preparation.
The entire arc from first customer to Compound launch compresses into under a year because each phase’s output accelerates the next: the basis grows, the plugin library deepens, the Sókrates Agent gets sharper, and the team inherits systematized operational knowledge rather than tribal knowledge. The compounding is the timeline.
4.4 Technology Architecture
High-level architecture only. Detailed diagrams deferred to appendix.
The two-layer delivery stack with layered agent architecture:
Employee daily workflow
│
▼
┌─────────────────────────┐
│ Claude Teams │ ← Conversational surface (internet-enabled)
│ (Anthropic-hosted) │ Employees interact here via desktop/mobile app
│ Skills, Projects, │ Reactive: employee initiates, Claude responds
│ MCP connectors │ Plugins execute here via MCP
└─────────┬───────────────┘
│ API calls (routed through Sókrates infrastructure)
│
┌─────────▼───────────────────────────────────────────────────┐
│ On-premises CWWK N305 (NixOS) │
│ │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ Hermes Agent Periphery │ │
│ │ Slack │ Teams │ Email │ Webhooks │ │
│ │ Heartbeat │ Scheduling │ Message routing │ │
│ │ Skills format │ Session management │ │
│ │ │ │
│ │ ⚠ NO customer system credentials │ │
│ │ ⚠ NO MCP connections to M365/CRM/ERP │ │
│ │ ⚠ Egress restricted to communication channel APIs │ │
│ └────────────────────┬────────────────────────────────┘ │
│ │ Internal API (localhost only) │
│ ┌────────────────────▼────────────────────────────────┐ │
│ │ Sókrates Agent Intelligence Layer (Python) │ │
│ │ anthropic SDK → Claude API (via Sókrates infra) │ │
│ │ Socratic dialogue │ Basis consultation │ │
│ │ Plugin design │ Workflow monitoring │ │
│ │ Research sub-agent dispatch │ │
│ │ │ │
│ │ ✓ Holds customer system credentials (sops-nix) │ │
│ │ ✓ MCP connections to M365/CRM/ERP │ │
│ │ ✓ Eidos queries via MCP │ │
│ │ ✓ Sandboxed from open internet │ │
│ └────────────────────┬────────────────────────────────┘ │
│ │ │
│ ┌────────────────────▼────────────────────────────────┐ │
│ │ Eidos (Neo4j + FastAPI + Voyage AI) │ │
│ │ Operational knowledge graph │ MCP server │ │
│ │ Semantic search │ Memory system │ │
│ │ Customer data never leaves premises │ │
│ └─────────────────────────────────────────────────────┘ │
│ │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ Fleet Agent │ │
│ │ Heartbeat │ Pull-based updates │ Encrypted backups │ │
│ └─────────────────────────────────────────────────────┘ │
│ │
│ MCP connectors (customer-selected) ──→ Customer systems │
└─────────────────────────────────────────────────────────────┘
Core technology choices:
Claude Teams as the conversational surface. Each customer gets a dedicated Claude Teams workspace. Sókrates is the workspace owner and administrator; employees receive seats. This provides: zero infrastructure to build and maintain (Anthropic handles hosting, availability, model updates, and the conversation interface), native support for Projects, Skills, and MCP connectors, built-in admin controls for governance, and a user interface that employees can use immediately without training on a custom application. Claude Teams seat costs (see §8.1 for pricing) are passed through to the customer at cost with full transparency.
Hermes Agent as the communication periphery. Hermes Agent provides the I/O plumbing for the Sókrates Agent: channel integrations (Slack, Teams, Discord, email, WhatsApp), a tested heartbeat system, cron-based proactive scheduling, multi-channel message routing, a web UI for monitoring, session management, and the Skills format for plugin packaging. This is infrastructure that is individually straightforward but collectively represents a month or more of engineering work to build properly. Hermes Agent is used strictly as the ears and mouth — it receives messages from employees through whatever channel they prefer, routes them to the Sókrates Agent’s intelligence layer, and delivers responses back. It has no access to customer system credentials, no MCP connections to operational systems, and no path to customer data. Its ambient authority model — a known security limitation — is contained to communication channel APIs, which is a fundamentally different risk class than authority over customer data. Hermes Agent requires Node.js 22 and consumes approximately 1.5–2GB RAM.
Custom Python intelligence layer calling the Anthropic Messages API. The Sókrates Agent’s brain is a custom Python daemon using the anthropic Python SDK to call Claude’s Messages API directly with tool_use for structured interactions. This is the most stable interface in Anthropic’s ecosystem — a versioned commercial API with documented deprecation schedules. The intelligence layer handles: Socratic dialogue orchestration, basis consultation via Sókrates API, Eidos queries via MCP (using the fastmcp Python library), research sub-agent dispatch via parallel API calls, plugin design, workflow monitoring, and the four-mode agent chain. Conversation state is serialized to Neo4j between sessions via Eidos, not maintained in LLM context. Customer system credentials are encrypted via sops-nix and injected at runtime. The intelligence layer runs as a Python asyncio process (~200MB RAM) with APScheduler for proactive scheduling and a FastAPI webhook listener for incoming messages from the Hermes Agent periphery.
NixOS for reproducible fleet deployment. Every customer box runs a bit-identical NixOS image. This means deployment is deterministic (no “works on my machine” failures across a fleet), updates are atomic and rollback-safe, and the entire system configuration is version-controlled. When a fix is validated on one box, it can be deployed fleet-wide with confidence.
CWWK 4-LAN N305 as on-premises hardware. Intel i3-N305 (8C/8T, up to 3.80GHz), DDR5 up to 32GB, M.2 NVMe, 4x Intel i226-V 2.5GbE LAN, fanless passive cooling. 15W TDP means negligible power draw for 24/7 operation (10–12W idle under standard workload). The quad-LAN configuration enables sophisticated network isolation via nftables, with dedicated ports for management and customer network egress. RAM budget: NixOS + Docker (~700MB), Neo4j (~1.75GB), Eidos FastAPI (~200MB), Python intelligence layer (~200MB), Hermes Agent periphery (~1.5–2GB), fleet agent (~200MB) — total approximately 4.5–5GB of 16GB, leaving substantial headroom for Neo4j pagecache growth as the knowledge graph expands. With the 32GB upgrade path, memory constraints are eliminated entirely. The box does not need to be powerful — it needs to be reliable, quiet, and cheap enough that the hardware cost disappears into the engagement economics. See CWWK 4-LAN N305 (Sokrates Box) for full specifications.
Model Context Protocol (MCP) for integration. MCP is Anthropic’s open standard for connecting AI models to external tools and data sources, with 97 million monthly SDK downloads and industry-wide support. MCP servers run locally on the customer’s box, providing the Sókrates Agent’s intelligence layer with structured access to authorized customer systems. Each MCP server is a discrete, individually revocable connector — the customer controls exactly which systems the AI can see. Critically, MCP connections flow through the Python intelligence layer, not through the Hermes Agent periphery — this is the architectural enforcement of the credential isolation principle. Using an open standard ensures that integrations survive platform changes and that the Exit Option produces genuinely portable artifacts.
Eidos for customer-specific operational memory. An enterprise knowledge management system built on Neo4j (graph database), Voyage AI (semantic embeddings, API-based — no local compute), and FastAPI, with native MCP support. Each customer gets a local Eidos instance on their box, seeded during onboarding and grown organically through Sókrates Agent observations and employee interactions. Eidos provides semantic search across all indexed customer knowledge — the Sókrates Agent queries by meaning, not keyword — and a unified query DSL for complex relationship traversal. The system includes production-grade reliability patterns (circuit breakers, structured error handling, full OpenTelemetry observability). Eidos is an existing, deployed system adapted from enterprise internal tooling, not a greenfield build.
Claude Agent SDK for Compound bundle (V3). When Sókrates expands to building bespoke domain-specific agents for customers (the Compound bundle), those agents are built on the Claude Agent SDK — Anthropic’s own agent harness with custom tools, MCP integration, subagents, compaction, and the Agent Skills spec. This provides a clean separation: the Sókrates Agent (which is an enterprise operations daemon) uses a custom Python architecture optimized for 24/7 proactive operation, while Compound agents (which are fully autonomous domain-specific agents built per customer engagement) use the Claude Agent SDK’s purpose-built agent primitives. Both run on the same box, both call Claude’s API, both use Eidos for memory, but their architectural needs are different and their runtimes reflect that.
Google Workspace / Microsoft 365 as the customer platform layer. Near-universal in the target segment. Sókrates does not replace either platform — it connects to them through MCP, bringing AI into the tools employees already use daily.
Build vs. buy decisions:
Build: The Sókrates Agent intelligence layer (Socratic dialogue engine, basis consultation, plugin design, workflow monitoring, four-mode agent chain), the basis infrastructure and classification system, the plugin composition framework, the NixOS fleet image, the Eidos schema and seeding pipeline, governance policy templates, the Basis Genesis Engine, and the Hermes Agent-to-intelligence-layer integration bridge.
Buy/use: Claude Teams for the conversational surface and user interface, Hermes Agent for the communication periphery and channel I/O, the anthropic Python SDK for Claude API access, CWWK 4-LAN N305 for on-premises hardware, MCP connectors for system integration, NixOS for the operating system, sops-nix for credential encryption, standard cloud infrastructure for basis storage, and the Claude Agent SDK for the Compound bundle.
The critical insight: Sókrates does not need to build a customer-facing application, a conversation interface, a model serving layer, an authentication system, or multi-channel communication plumbing. Anthropic provides the first four. Hermes Agent provides the fifth. Sókrates builds the intelligence that runs inside these platforms — the Sókrates Agent, the basis, the plugins, the Eidos schema, and the governance framework. The layered architecture means the intelligence layer is framework-independent — if Hermes Agent’s community fractures or a better communication framework emerges, the Sókrates Agent’s brain migrates without rewriting the Socratic dialogue engine, the basis consultation protocol, or the Eidos integration. The hard work is portable. The plumbing is replaceable.
Key technical risks and mitigation:
Platform dependency on Anthropic Claude Teams. Sókrates’s conversational delivery layer runs on Claude Teams. If Anthropic changes Teams pricing, capabilities, or terms of service, the business is directly affected. Mitigation: the valuable IP (the basis, the Sókrates Agent methodology, the plugin designs, the Eidos schemas) is platform-independent. The on-premises box does not depend on Claude Teams — the Sókrates Agent can be re-pointed to alternative model providers or conversational surfaces. Additionally, Anthropic’s stated strategy is to expand the partner ecosystem: the Claude Partner Network launch with $100 million investment signals alignment, not conflict.
Hermes Agent framework maturity and security. Hermes Agent has accumulated eight CVEs in under three months, including CVE-2026-25253 (CVSS 8.8, one-click RCE). Its creator Peter Steinberger reportedly joined OpenAI in February 2026, and governance is transitioning to an independent foundation. The project has undergone two full renamings and multiple breaking API changes. Mitigation: the layered architecture deliberately constrains Hermes Agent to the communication periphery. It never touches customer system credentials, has no MCP connections to operational systems, and its ambient authority is limited to communication channel APIs. The blast radius of a compromised Hermes Agent instance is message delivery, not data exfiltration. NemoClaw (NVIDIA’s Landlock/seccomp security wrapper, announced March 16, 2026) is a nice-to-have hardening layer for the periphery rather than a critical dependency. If Hermes Agent becomes untenable, the communication periphery can be replaced — the Sókrates Agent’s intelligence layer, which is all the proprietary IP, is framework-independent.
Claude Teams feature limitations at scale. Teams supports up to 150 seats and lacks SCIM provisioning, comprehensive audit logging, and fine-grained access controls that Enterprise provides. For the target segment (25–75 employees, 15–25 active AI users), Teams is adequate. Mitigation: monitor feature requirements per customer and plan the Enterprise transition threshold.
On-premises hardware failure. A customer’s box could die. Mitigation: NixOS images are reproducible — a replacement box can be configured identically and shipped within days. The Eidos data is backed up to Sókrates’s infrastructure (encrypted, customer-controlled). Plugin configurations live in Claude Teams, not on the box. The box is cheap enough to keep spares.
Integration fragility. MCP connectors to customer systems can break when those systems update. Mitigation: the Sókrates Agent’s plugin monitoring mode detects degraded performance. The ongoing retainer explicitly covers integration maintenance. The governance monitoring layer includes integration health checks.
Context window economics. Running 24/7 with Claude API calls on every heartbeat and every employee interaction has cost implications. At current Claude pricing (15/MTok output for Claude Sonnet 4.5), a busy agent processing 50 interactions/day with 4K-token average context costs roughly $15–30/day per customer. Mitigation: aggressive summarization and state externalization to Neo4j via Eidos minimizes context size per call. The custom intelligence layer gives full control over prompt engineering and token optimization — no framework-imposed context management patterns. Conversation state lives in the knowledge graph, not in LLM context windows.
Scaling path:
Claude Teams + Hermes Agent periphery + Python intelligence layer (launch) → Enterprise Claude (when fleet scale justifies it, likely 8+ customers) → NemoClaw hardening of Hermes Agent periphery (when mature) → Claude Agent SDK for Compound bundle (V3) → potential multi-model routing within plugins where cost optimization matters (V2+). On the hardware side: individual CWWK N305 units (launch) → bulk procurement with negotiated pricing (fleet scale) → NVIDIA DGX Spark for local inference tier → potential custom NixOS appliance image for faster deployment. Each step is triggered by a specific business condition, not a calendar date.
4.5 Intellectual Property
Protectable as trade secret: the accumulated basis.
The basis is the primary intellectual property of Sókrates. It is a structured knowledge base of empirically validated deployment principles, grown from real customer engagements and pre-seeded by the Basis Genesis Engine from over 1,500 public source documents, that cannot be replicated without equivalent operational experience. It is not patentable (it is a collection of operational knowledge, not a novel invention) but is protectable as a trade secret under Icelandic law (Act No. 131/2020 on Trade Secrets, implementing EU Directive 2016/943). The basis is never shared with customers or partners. It informs the Sókrates Agent’s behavior and plugin design but is not visible in the outputs delivered to customers. It does not reside on customer hardware — it lives in Sókrates’s infrastructure.
Protectable as trade secret: the Sókrates Agent intelligence layer and methodology.
The specific dialogue structures, branching logic, proactive discovery triggers, follow-up question generation patterns, basis consultation protocols, research dispatch architecture, Eidos query strategies, plugin monitoring heuristics, the dual-layer feedback mechanism (meta-level dialogue principles vs. domain-level plugin principles), and the layered periphery/intelligence architecture constitute proprietary methodology. The general concept of “an AI agent that watches operations” is not protectable. The specific implementation — including the proactive discovery mode, the basis-informed Socratic follow-up cycle, the Eidos integration, the automated principle extraction, and the credential-isolated periphery/intelligence separation — is.
Protectable as trade secret: the NixOS fleet image and deployment architecture.
The specific system configuration, layered container orchestration separating communication periphery from intelligence layer, credential isolation via sops-nix, MCP server deployment patterns, Eidos schema, network isolation configuration, and fleet management tooling that make a sub-$400 box into a deployable AI appliance are proprietary operational knowledge.
Not protectable (head starts, not IP):
The base bundle Skill.md library, MCP connector configurations, and onboarding materials are replicable by any competent implementation team. The plugin architectures for individual customers belong to those customers and are included in the Exit Option. The customer’s Eidos instance belongs to the customer. The Hermes Agent periphery configuration is open-source infrastructure. Sókrates retains the principles learned from engagements (in the basis) but not the customer-specific configurations or data.
Patents: not planned. The cost and timeline of patent prosecution are not justified at this stage. Trade secret protection is more appropriate for operational knowledge that derives its value from continuous accumulation. If the basis and methodology prove commercially valuable at scale, patent strategy can be revisited.