[thenaturalist]

Hi there,

first of all, commendable effort!

On the one hand, I'd love, love, loooove to see something like that as reducing the cognitive load of managing email is one of the biggest improvements my digital life could see.

On the other hand, there are so many unhandled security risks in the scenario "email + LLM" that I wouldn't even trust official integrations to be perfect.

See a short demo from BlackHat Conf here how a single email can essentially "break" Microsoft 365 Copilot: https://www.youtube.com/watch?v=tr1tTJk32uk

Not even a need to open the email, just having it in your inbox.

Full talk (highly recommended): https://www.youtube.com/watch?v=-YJgcTCSzU0

There are so many unadressed shenennigans when it comes to email and prompt injection that - unfortunately - despite this looking awesome, I would never trust it with full access to my email today.

Have you thought about pulling data into a sandbox, the compute happens and there is no outside connectivity and I get a list of actions to review and approve manually?

[nischalhp]

Hello,

This is exactly why we put this together. This project runs on your laptop / desktop with no outside connectivity, apart from pulling the model to your local compute ecosystem.

There is no room for prompts injection, because this is running locally and you can see the prompts and even modify them as its an open source project before you run.

[thenaturalist]

Hi, appreciate the response.

In your demo video at least it shows the message that "If a message is deleted wrongly, please go to your trash and recover it.".

That's not a great UX.

If your tool is geared towards supporting people with bulk actions but I cannot modify in any way bulk actions prior to them being executed that creates more grunt work for me, then sifting through what I have to remember were wrongly deleted emails...

Also when I see the button "Schedule new cleanup" it reads to me like a background task running?

Or would this pop up at the specified time and prompt me for manual approval before cleaning up?

[skun]

Hi, dev here.

Thanks so much for engaging :) I understand your point, here's sort of the philosophy behind the decisions we took regarding it:

The purpose of the app was to be as _hands off_ as possible. And because an LLM is involved in the mix, it might misclassify some emails and delete them.

For this reason, we label each email that we delete and it is possible to navigate to the email from the Run Status screen also, thereby allowing us to recover that email (if it was wrongly deleted). There is also a filter on the run status page to show all those emails marked for deletion.

In all our test runs, we found misclassification to be a minimum and hence we felt confident to go with this approach.

The "Schedule new cleanup" does indeed schedule a background task that does the actual inference + deletion.

[thenaturalist]

Thanks a lot for following up!

It's great to learn you put quite some consideration into the workflow and the handling of deletions, gives me confidence into the tool.

I'd definitely share more of what you shared here in your read me or product demo video as well, I find it super relevant context for users.

[skun]

That makes sense. I will make changes to the README and we will make a quick product video too :)