Skip to content
Email Security
Gmail

Secure Gmail for AI Agents

Gmail's OAuth scopes are all-or-nothing: gmail.modify grants full read, write, send, and delete. PortEden sits between your AI agent and the Gmail API, enforcing the granular rules that Google doesn't provide.

Secure Gmail CLI

PortEden's Secure Gmail CLI is a command-line tool that sits between AI agents and the Gmail API. Install it in minutes, define your security rules, and every Gmail request from any AI agent gets filtered automatically. No code changes needed on the agent side.

The Problem

Giving AI agents direct access to your data is risky. Here's what can go wrong.

Inbox Deletion via gmail.modify

The gmail.modify scope lets agents trash and permanently delete messages. A single misconfigured loop can wipe years of email in seconds.

Prompt Injection via Email Content

Attackers embed hidden instructions in email HTML that AI agents parse and execute, hijacking them to forward data or send unintended replies.

OAuth Token Exposure

AI agents hold your raw Google OAuth refresh token, and if the agent environment is compromised, attackers get persistent access to your entire Gmail account.

How PortEden Protects You

Six layers of security between AI agents and your data.

Visibility Controls

Choose what agents see: full content, headers only, or redacted versions with HTML stripped to neutralize prompt injection.

Action Limits

Restrict agents to read-only, draft-only, or full write access so they can never send or delete without permission.

Contact Rules

Block agents from seeing emails involving specific people or domains to keep sensitive correspondence invisible to AI.

Time Windows

Limit access to recent emails only with boundaries like 'last 7 days' or 'last 30 days' per agent.

Get Started in 3 Steps

1

Install the CLI

Install PortEden CLI and connect your Gmail account via secure Google OAuth.

2

Set Your Rules

Configure visibility controls, contact rules, action limits, and time windows per agent.

3

Connect Your Agent

Point your AI agent to PortEden instead of the Gmail API and every request is filtered with full audit logging.

Without vs. With PortEden

Without PortEden

  • gmail.modify scope grants full read/write/send/delete with no middle ground
  • Prompt injection via HTML email can hijack agent behavior
  • Raw OAuth refresh token stored in agent's environment
  • No audit trail of which emails the agent accessed
  • Revoking access means disconnecting the entire Google integration

With PortEden

  • Granular read-only, draft-only, or write access per agent
  • HTML stripping and redaction neutralize prompt injection
  • OAuth token stays in PortEden. Agents never see it
  • Full audit log: which emails accessed, what was returned, what was blocked
  • One-click revocation per agent, per provider, or globally

Related Solutions

Frequently Asked Questions

Can AI agents delete my Gmail emails?
Yes. If granted the gmail.modify or mail.google.com OAuth scope, an AI agent can read, send, trash, and permanently delete messages. PortEden prevents this by enforcing action limits that restrict agents to read-only or draft-only access.
How do I limit what ChatGPT can see in my Gmail?
With PortEden, you configure visibility controls that determine whether agents see full email content, headers only, or redacted versions. You can also set contact rules to hide emails from specific senders or domains entirely.
Is it safe to give Claude access to my Gmail?
Without a security layer, AI agents hold your raw OAuth tokens and have broad access. PortEden acts as a data firewall. The agent never touches your OAuth token directly, and every request is filtered through your rules before data is returned.
What is prompt injection via email and how does PortEden prevent it?
Prompt injection via email is when a malicious sender embeds hidden AI instructions in an email body. When an AI agent reads the email, it may execute those instructions. PortEden's visibility controls can redact email bodies or strip HTML, neutralizing hidden instructions before the agent sees them.
Does PortEden work with Google Workspace?
Yes. PortEden connects via standard Google OAuth and works with both personal Gmail accounts and Google Workspace (business) accounts. It adds a security layer on top of existing Google admin controls.

Ready to secure your data?

Set up PortEden in under 5 minutes. Free tier available.

Read the Docs