AI agent using your inbox
Do not give the agent your inbox.
When an agent works from a human mailbox, it borrows more than email. It borrows identity, history, authority, reputation, and risk. Gent gives delegated work its own address and boundaries.
The problem
A human inbox was not designed to be an agent workspace.
Personal and team inboxes are full of context that belongs to people: private threads, sent history, calendar clues, client relationships, and reputation. Giving an agent access there makes delegated work harder to bound, review, and explain.
Mixed identity
Recipients see the person's address, not a clear agent or workflow address.
Mixed authority
The agent inherits access and expectations that were meant for a human.
Mixed record
Agent actions land beside personal sends, team threads, and unrelated history.
Mixed risk
A bad reply, deletion, or overreach affects the human mailbox and reputation.
The workaround
Forwarding and mailbox credentials only move the risk around.
Shared login
The agent signs into a Gmail or Outlook account and operates inside a mailbox built for a person.
Forwarding
Messages are copied somewhere else, but the work, decisions, and audit trail split across systems.
Draft assist
The agent prepares text in a human mailbox, leaving review and recordkeeping dependent on the person's habits.
Custom scripts
Routing, parsing, and reply logic live in code that has to recreate inbox state, permissions, and history.
Manual cleanup
People still reconcile what happened, what was sent, what needs approval, and what belongs in the business record.
The Gent model
Give the agent a proper place to work.
Gent separates the delegated workspace first. The agent gets its own inbox, address, token scopes, approval rules, events, and audit trail, while the human inbox remains human.
Own address
The agent or workflow receives mail at an address meant for that job.
Scoped token
Access can be limited to the reads, sends, labels, tasks, files, or approvals the agent actually needs.
Approval gate
High-risk sends and destructive actions can wait for a person before they execute.
Own record
Messages, replies, files, webhooks, approvals, and audit events stay attached to the delegated inbox.
When it matters
The more capable the agent, the cleaner the boundary needs to be.
Client replies
Keep client-facing agent work out of a founder, consultant, or account manager's personal sent folder.
Vendor operations
Let an agent collect documents and follow up without seeing unrelated finance or admin mail.
Support triage
Classify and prepare responses without turning a help desk or team mailbox into an agent credential.
Regulated work
Preserve who approved what, when, and from which delegated inbox.
Why Gent
Delegation starts with separation.
A safer email agent is not just a better prompt. It is a workspace with its own address, rules, authority, and record. Gent gives software the inbox layer it needs before it starts acting on behalf of a business.
Not your inbox
The agent does not need your mailbox to receive, read, respond, and act.
Not blind access
Tokens and approvals define what autonomy can touch.
Not a forwarding hack
The message, action, review, and history stay in one operating record.
API-first
Agents and internal tools can use inbox primitives directly instead of screen-driving a human mailbox.
Next step
Give the delegated work its own address.
Start with one workflow that should no longer borrow a human inbox: vendor intake, client follow-up, support escalation, or agent-managed approvals.