# Email Processing Policy v1

## Objective
Process only explicitly approved forwarded emails, extract useful actions, and preserve privacy/security by default.

## Scope
- Channel: Gmail-forwarded messages only.
- Purpose: Summarization, action extraction, reminder drafting, and urgency flagging.
- Out of scope: Full inbox ingestion, auto-execution of destructive/state-changing actions without explicit CONFIRM.

## Allowed Inputs (whitelist)
- Approved senders/domains (initial):
  - `@yourcompany.com`
  - `billing@...` (trusted vendors only)
  - `project-updates@...`
- Approved categories:
  - Invoices/receipts
  - Project updates
  - Scheduling/meeting updates
  - Account/security alerts

## Blocked Inputs (denylist)
- Password reset links/codes (summarize only; never auto-act)
- Financial account statements containing full account numbers
- Legal/HR/medical documents unless explicitly requested per-message
- Any message with API keys, tokens, secrets (redact and quarantine)

## Processing Actions (read-only, default)
1. Summarize message in 3-7 bullets.
2. Extract action items with owner + due date (if present).
3. Detect urgency and label `low|medium|high`.
4. Suggest next step commands (but do not execute state changes automatically).

## State-Changing Actions (confirmation-gated)
Require exact user confirmation text: `CONFIRM`
- Create/modify reminders
- Send/reply/forward messages
- Move/archive/delete items
- Trigger external workflows

## Data Handling & Privacy
- Redact sensitive patterns before storage/logging:
  - API keys/tokens/secrets
  - SSNs/full card numbers
  - One-time passcodes
- Store only minimal derived data (summary, tasks, due dates, source reference).
- Keep raw content only when necessary for traceability.

## Retention
- Summaries/tasks: keep in project memory files.
- Raw forwarded content: retain short-term only (default 14 days) unless explicitly preserved.

## Audit Requirements
For every state-changing action, log:
- requested change
- risk note
- exact command/action
- verification result
- timestamp + source reference

## Verification Checklist
- Filter catches only approved senders/categories.
- Sensitive fields are redacted in stored artifacts.
- No state-changing action runs without `CONFIRM`.
- Daily review shows actionable summary quality is acceptable.

## Initial Implementation Plan (safe-first)
1. Create Gmail filter for approved senders/categories only.
2. Forward to dedicated processing mailbox/workflow target.
3. Apply redaction pass before any persistence.
4. Output daily digest + proposed actions.
5. Require `CONFIRM` before any write/send/move action.