Loading...
WorkSpax engineers production systems where MCP, A2A, RAG, and AG-UI meet HIPAA-grade workflows, insurance automation, voice AI, clinical intelligence, and cryptographic attestation.
MCP, A2A, AG-UI, OASF, AP2 — open standards for tool contracts, agent hand-offs, streaming interfaces, and capability discovery. No proprietary lock-in.
Grounded RAG, evaluation loops, latency-aware routing, and multi-model orchestration — matching the right model to each task class, regulated environment, and latency budget.
HIPAA, SOC 2, GDPR, zero-trust access, cryptographic attestation, and tamper-evident audit logs — built into every layer as infrastructure, not bolt-ons.
Open Standards
Six open protocols form the interoperability backbone of every WorkSpax deployment. Any model, any agent framework, any enterprise platform.
Secure tool and resource contracts for enterprise AI
How WorkSpax uses it
Every WorkSpax integration exposes MCP-compatible tool surfaces. Ghost logs each MCP tool invocation to the cryptographic Evidence Log with a signed record. AIVAON pulls CRM context mid-call without storing credentials client-side.
Standardized contracts that let LLMs safely interact with databases, ticketing systems, CRMs, and APIs — without shipping credentials or leaking tenant context to third-party model providers. The backbone of every secure enterprise integration.
Coverage Map
Every protocol-product intersection is a live production implementation — not a roadmap item. Select any cell to see exactly how the protocol is applied.
| Protocol | Ghost | ClaimF8 | SmartDx | AIVAON | ARCNAT | Afya |
|---|---|---|---|---|---|---|
| MCP | ||||||
| A2A | ||||||
| RAG | ||||||
| AG-UI | ||||||
| OASF | ||||||
| AP2 |
All implementations are live in production — select any highlighted cell for details.
Architecture
Five deterministic stages — from raw enterprise input to cryptographically attested output. Select any stage to see what the engineering looks like inside it.
Latency-aware, cost-optimized model selection per task class. Voice and real-time channels route to sub-200ms inference tiers. Compliance-sensitive tasks require audit-grade model versions pinned to the registry. Batch analytics trade latency for depth.
Platform Design
The WorkSpax platform is a seven-layer architecture where every layer produces auditable artifacts. Select any layer to explore the engineering behind it.
Ed25519 device signing with Secure Enclave key storage, SHA-256 hash-chained Evidence Log, deterministic replay for any AI decision, fleet attestation across enterprise deployments, model registry with immutable version hashes. The moat no cloud-first competitor can enter.
{
"model": "ghost-4-sovereign · on-device",
"locality": "100% on-device · zero cloud",
"context_hash": "sha256:a8f3c1…d29e",
"chain_hash": "sha256:b4e791…1f2a",
"signature": "ed25519:7c3fa2…9d2e ✓",
"policy": "passed · HIPAA-compliant",
"latency_ms": 187,
"deterministic": true
}Regulatory Compliance
The EU AI Act is not a checklist — it demands signed, reproducible evidence per AI decision. WorkSpax produces cryptographic compliance artifacts at every inference boundary, not assertions after the fact.
High-Risk AI Systems
All Art. 9–15 provisions covered with cryptographic evidence artifacts.
AI Risk Management
Govern, Map, Measure, Manage — all four RMF 2.0 functions implemented.
Healthcare AI
PHI guards embedded in every clinical AI workflow — Smart Diagnose, AI Care Concierge, ZenoXCare.
Enterprise Security
Automated SOC 2 artifacts at every AI call boundary. No manual evidence collection.
Establish, implement, and maintain a risk management system throughout the AI system lifecycle.
7-layer policy architecture with Ghost attestation at every decision boundary. Signed risk artifacts per call.
Establish, implement, and maintain a risk management system throughout the AI system lifecycle.
7-layer policy architecture with Ghost attestation at every decision boundary. Signed risk artifacts per call.
Training, validation, and test data subject to appropriate governance and bias controls.
Tenant isolation, GDPR consent receipts, data residency constraints per jurisdiction, versioned policy packs.
Training, validation, and test data subject to appropriate governance and bias controls.
Tenant isolation, GDPR consent receipts, data residency constraints per jurisdiction, versioned policy packs.
Maintain comprehensive technical documentation before market placement and throughout lifecycle.
Machine-readable Evidence Log: tamper-evident, SHA-256 chained, and export-ready for regulators and auditors.
Maintain comprehensive technical documentation before market placement and throughout lifecycle.
Machine-readable Evidence Log: tamper-evident, SHA-256 chained, and export-ready for regulators and auditors.
Automatically log events to enable post-market monitoring and traceability over the system lifetime.
SHA-256 hash-chained audit trail per AI decision. Deterministic replay with 3–7+ year model archive retention.
Automatically log events to enable post-market monitoring and traceability over the system lifetime.
SHA-256 hash-chained audit trail per AI decision. Deterministic replay with 3–7+ year model archive retention.
Design systems sufficiently transparent for deployers and users to interpret output appropriately.
AG-UI streaming surfaces reasoning in Simple / Advanced / Paranoid modes. Explainability payload with every decision.
Design systems sufficiently transparent for deployers and users to interpret output appropriately.
AG-UI streaming surfaces reasoning in Simple / Advanced / Paranoid modes. Explainability payload with every decision.
Enable effective oversight measures by natural persons during the period of use.
Mandatory policy gates with configurable human escalation paths. Supervisor review queues with override logging.
Enable effective oversight measures by natural persons during the period of use.
Mandatory policy gates with configurable human escalation paths. Supervisor review queues with override logging.
Achieve appropriate accuracy, robustness, and cybersecurity throughout the lifecycle.
Continuous eval loops, drift detection, adversarial input filtering. Safety layer with regression monitors per deployment.
Achieve appropriate accuracy, robustness, and cybersecurity throughout the lifecycle.
Continuous eval loops, drift detection, adversarial input filtering. Safety layer with regression monitors per deployment.
Evidence artifacts are cryptographically signed at runtime and available for regulator export. WorkSpax produces compliance proofs, not compliance assertions. This is not legal advice. Consult qualified counsel for jurisdiction-specific EU AI Act obligations.
Platform Capabilities
All six WorkSpax products are built on a shared, production-tested intelligence platform with these six core capabilities.
Route each request to the optimal AI model — Anthropic, OpenAI, or proprietary — based on task type, latency budget, and compliance constraints. No single-model lock-in.
Sub-200ms responses on edge-optimized infrastructure. Every AI call is parallel-processed, cached intelligently, and monitored for latency regression continuously.
SOC 2, HIPAA, GDPR, and quantum-safe encryption built into every layer. Compliance is infrastructure, not a checkbox applied after the fact.
Every decision includes confidence scores, reasoning chains, and audit trails. Regulators, clinicians, and executives can trace exactly how conclusions were reached.
Built on MCP and A2A protocols. WorkSpax agents interoperate with any model, any framework, and any enterprise system — no proprietary lock-in at any layer.
Production feedback loops retrain and improve models on domain-specific data. Accuracy improves every week without manual intervention or service disruption.
In Production
Every WorkSpax product is built on the Lab's protocol stack. See which open standards power each solution — and follow the links to explore them in depth.
Cryptographically attestable AI
Insurance claims in under 4 minutes
99.8% diagnostic accuracy
AI voice agents, every call
Evidence-first retirement administration
3-week outbreak prediction
For Agents & Search Systems
AI agents, LLMs, and search integrations can consume structured WorkSpax manifests — OASF-aligned capability schemas, OpenAPI stubs, and agent cards for automated indexing and programmatic integration without scraping.
All endpoints return structured, versioned data — no HTML scraping, no fragile parsing, no rate-limited web crawl required.
/api/public/ai-discovery
AI Discovery Manifest
Structured protocol map with solution capabilities, endpoints, and OASF-aligned schemas for automated agent indexing.
/.well-known/agent.json
Agent Card
Machine-readable agent card with supported protocols, authentication modes, and capability declarations for agent-to-agent discovery.
/api/openapi
OpenAPI Stub
OpenAPI 3.1 specification for all public endpoints — importable directly into Postman, Insomnia, or any AI tool builder.
/llms.txt
LLMs.txt
Curated context file following the llms.txt standard — optimized for LLM ingestion of WorkSpax capabilities, product names, and key facts.
Technical Depth
Enterprise architects and AI engineers ask hard questions. We answer them directly.
Start with one solution. Prove results in 30 days. Scale across your organization. Every engagement begins with a free strategic consultation.