AIMD provides teams and organizations with secure workspaces to pool rulesets, manage write-only shared credentials, audit admin operations, and govern downstream ruleset executions with a cryptographically locked DRM engine.
Collaborative Workspaces act as isolated organizational hubs. To eliminate onboarding friction while maintaining strict boundary checks, teams leverage automated member governance:
Administrators can configure verified email domains (e.g., acmelabs.io). When a new developer signs up on the platform, database-level triggers intercept the registration, extract the email domain, and automatically link their profile to the corresponding workspace as a Viewer.
Every action—member invites, role shifts, or whitelist adjustments—is recorded in the workspace_audit_logs table. Further, database constraints prevent organization subscription downgrades if the active member count exceeds target tier capacities, blocking accidental seat overflow.
Testing prompt templates and automated workflows requires secure API provider credentials. To support interactive playgrounds without exposing API keys to collaborators' browser inspection tools, workspaces employ an isolated Write-Only Secrets Vault:
The vault isolates standard integration variables: OPENAI_API_KEY, ANTHROPIC_API_KEY, GOOGLE_API_KEY, and DEEPSEEK_API_KEY.
Keys are encrypted at-rest using pgcrypto. When running sandbox tests, the server decrypts the token in memory, routes the call to the model provider server-to-server, and streams the output. The raw credential never touches the browser client.
When multiple developers collaborate inside a shared workspace directory, overlapping pushes can cause accidental overrides. Creators toggle listing-level concurrency constraints:
Updates compile to a staging database schema. They do not override the production release until they are audited and approved by a designated workspace Owner or Admin.
Collaborator clients compare version timestamps. If another teammate has committed a push since you pulled the prompt, your write is blocked, triggering a merge warning.
Opening a prompt for local development creates a 15-minute lease lock (renewed on typing activity). Other collaborators are locked out from pushing to that resource until the lock expires or is released.
For software prompts, system rulesets, and code templates, AIMD introduces the first secure DRM Autoshield & Hardware Seats Telemetry Engine. It allows creators to distribute secure licenses to enterprise buyers and audit downstream client executions:
Upon purchasing a license, buyers receive a unique license key. When their downstream client app boots, it generates a host hardware hash (combining CPU serials, disk UUIDs, and network MACs) and checks in with the API.
The server registers the hardware hash under the license key. Subsequent boots from the same device utilize the seat. If a new hardware hash checks in, a seat slot is occupied up to the max capacity limits.
Each client check-in log records geo-location metadata (city, country, and IP range). The creator visualizes this live ping stream directly on their workspace DRM dashboard to audit active usage.
If verify pings for a single license key check in from multiple distinct country IPs in an overlapping time window (indicating key sharing or credential leaks), the **Autoshield Engine** trips. The key is instantly flagged as `compromised`, its active seats allocation is frozen to `0`, and downstream client check-in queries return authorization failures until the workspace administrator manually reviews and resets the lock.