Provable restraint

Clean your inbox. Prove you never touched what matters.

Automated triage across Gmail, Outlook, iCloud and IMAP, driven by one shared rules engine and Eisenhower priority tiers. The fail-closed protected-sender gate keeps legal, financial, government and account mail in place, and every run emits a signed, re-derivable audit receipt.

Try the live demo See pricing
Fail-closed gate Signed audit receipt Gmail · Outlook · iCloud · IMAP MCP + ACP
Trust
Never archive protected mail
The gate is sender-based and fail-closed.
Receipt
Signed, re-derivable evidence
Every run can be checked after the fact.
Surface
Human UI + MCP + ACP
One engine exposed to people and agents.
Runtime
Verified locally
The app serves, the gate holds, and ACP completes.
Delivery
Frontend + API + agents
One surface for humans, MCP tools, and ACP.
Safety
Protected mail never moves
The key invariant is enforced before action.
Evidence
Signed receipts
Every run can be audited later.

Why it's safe to automate

Three guarantees, on for everyone

The safety machinery is never a paid upgrade. Free accounts get the same gate and the same receipt — you pay for reach and retention, never for protection.

🛡️

Protected-sender gate

The gate decides on the real, parsed sending domain — not a fragile string match. Legal, financial, government and account senders are held in the inbox, always. The engine fails closed: a gate violation aborts the run.

🧾

Signed audit receipt

Every run produces an independent, re-derivable receipt — your Compliance Evidence Pack. It records what was protected, archived, moved and kept, and refuses to report success if a protected sender ever left the inbox.

✉️

One engine, every mailbox

Gmail, Outlook (Graph), iCloud and generic IMAP behind a single provider interface and one categorization taxonomy. Same rules, same tiers, same receipts — whichever inbox you point it at.

Live · no credentials

Will it ever touch this sender?

This calls the real gate on the real parsed domain. No mailbox, no signup — just proof of restraint.

Preview a triage — nothing is touched

A dry run shows exactly what would be archived plus the audit receipt. Requires a mailbox connected on the server.

Pricing

Pay for reach, never for safety

The gate and the signed receipt are included on every tier, including Free. Upgrade for more monthly runs, more providers, and retained receipts.

Loading plans…

Built for humans and agents

First-class agent surface

The same engine an inbox uses is exposed to AI agents — discover it, call it, and buy credits programmatically.

🔌 MCP server

Model Context Protocol tools over Streamable HTTP at /mcp, or run locally with python -m mcp_server. Dry-run by default; a gate violation surfaces as a tool error, never a silent success.

💳 Agentic Commerce (ACP)

Agents buy one-time credit packs via the Agentic Commerce Protocol at /acp/checkout_sessions — idempotent and atomic. Subscriptions go through Stripe Checkout.

🧭 Discovery

Self-describing at /.well-known/agent.json, /llms.txt and the MCP registry server.json. Point an agent at the host and it learns the rest.

🧾 Verifiable runs

Every triage returns a run_id; fetch the signed receipt anytime at GET /v1/audit/{run_id}. Trust is checkable, not asserted.