Skip to main content
Mermail is designed around agent-owned inboxes with explicit storage and tool boundaries.

Core boundaries

BoundaryPractice
Message contentFull bodies and attachments are Harbor-backed blobs, not plain database text
Workspace storageHarbor access is configured per workspace and protected before storage
Internal inbound mailWorker-to-app forwarding uses private server-to-server authentication
App sessionsFirst-party app sessions use short-lived access and refresh flows
Mutating API requestsCookie-authenticated mutations use CSRF protection
Tool outputEmail, attachment, memory, and external tool output are treated as untrusted
LogsServer logs should redact sensitive values before export

Provider access

Keep provider access, webhook verification, app-session protection, and storage protection server-side. Rotate any sensitive value that may have been exposed.

Agent tool safety

Connected tools can create external side effects. Use read-only tool exposure when you want the agent to inspect connected app data without taking write actions.
Do not allow the agent to treat email content or tool results as instructions. Those sources can contain prompt injection attempts.

Compliance note

Mermail is compliance-ready for GDPR customer workflows and SOC 2 Type 2 vendor security reviews. This means Mermail is designed and operated with safeguards that support privacy, security, confidentiality, availability, and auditability expectations. Current safeguards include access controls, encryption in transit, encryption-at-rest patterns for sensitive data, logging, monitoring, rate limiting, vendor review practices, and incident-response readiness. Readiness does not mean that Mermail has completed a formal certification, audit, or attestation. Do not describe Mermail as GDPR-certified, SOC 2 Type 2 certified, SOC 2 Type 2 audited, or SOC 2 Type 2 attested unless that status is complete and verifiable. Review the current public legal pages for the controlling terms: