Secure Gmail for AI Agents

Gmail's OAuth scopes are all-or-nothing: gmail.modify grants full read, write, send, and delete. PortEden sits between your AI agent and the Gmail API, enforcing the granular rules that Google doesn't provide.

Connect PortEden to Gmail

Cloud MCP connector URL

https://mcp.porteden.com/email

Read full MCP connector setup docs

How PortEden Protects You

Six layers of security between AI and your data.

Visibility Controls

Choose what agents see: full content, headers only, or redacted versions with HTML stripped to neutralize prompt injection.

Action Limits

Restrict agents to read-only, draft-only, or full write access so they can never send or delete without permission.

Contact Rules

Block agents from seeing emails involving specific people or domains to keep sensitive correspondence invisible to AI.

Time Windows

Limit access to recent emails only with boundaries like 'last 7 days' or 'last 30 days' per agent.

Get Started in 3 Steps

1. Install — CLI or MCP

Install the PortEden CLI or add the cloud MCP connector to your AI client, then connect your Gmail account via secure Google OAuth.

2. Set Your Rules

Configure visibility controls, contact rules, action limits, and time windows per agent.

3. Connect Your Agent

Point your AI agent to PortEden instead of the Gmail API and every request is filtered with full audit logging.

Without vs. With PortEden

Without PortEden

  • gmail.modify scope grants full read/write/send/delete with no middle ground
  • Prompt injection via HTML email can hijack agent behavior
  • Raw OAuth refresh token stored in agent's environment
  • No audit trail of which emails the agent accessed
  • Revoking access means disconnecting the entire Google integration

With PortEden

  • Granular read-only, draft-only, or write access per agent
  • HTML stripping and redaction neutralize prompt injection
  • OAuth token stays in PortEden. Agents never see it
  • Full audit log: which emails accessed, what was returned, what was blocked
  • One-click revocation per agent, per provider, or globally

Frequently Asked Questions

Can AI agents delete my Gmail emails?
Yes. If granted the gmail.modify or mail.google.com OAuth scope, an AI agent can read, send, trash, and permanently delete messages. PortEden prevents this by enforcing action limits that restrict agents to read-only or draft-only access.

How do I limit what ChatGPT can see in my Gmail?
With PortEden, you configure visibility controls that determine whether agents see full email content, headers only, or redacted versions. You can also set contact rules to hide emails from specific senders or domains entirely.

Is it safe to give Claude access to my Gmail?
Without a security layer, AI agents hold your raw OAuth tokens and have broad access. PortEden acts as a data firewall. The agent never touches your OAuth token directly, and every request is filtered through your rules before data is returned.

What is prompt injection via email and how does PortEden prevent it?
Prompt injection via email is when a malicious sender embeds hidden AI instructions in an email body. When an AI agent reads the email, it may execute those instructions. PortEden's visibility controls can redact email bodies or strip HTML, neutralizing hidden instructions before the agent sees them.

Does PortEden work with Google Workspace?
Yes. PortEden connects via standard Google OAuth and works with both personal Gmail accounts and Google Workspace (business) accounts. It adds a security layer on top of existing Google admin controls.
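
To make the HTML stripping described in the prompt-injection answer above concrete, the following Python example reduces an HTML email to the text a human reader would actually see before it is handed to an agent. It is an added example, not PortEden's code: the function name `visible_text`, the tag sets and the sample message are assumptions. It checks only inline styles and the `hidden` attribute, so text hidden through stylesheet classes or colour tricks is not detected.

```python
import re
from html.parser import HTMLParser
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}
DROP = {"script", "style", "head", "template", "noscript"}  # never shown as text
BLOCK = {"p", "div", "li", "tr", "h1", "h2", "h3"}
# Inline styles that hide text from a human reader but not from a model.
HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden|"
                          r"(?:opacity|font-size)\s*:\s*0(?![.\d])", re.I)

class _VisibleText(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts, self.skip = [], []  # skip: open tags of a dropped subtree

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hidden = (tag in DROP or "hidden" in a
                  or HIDDEN_STYLE.search(a.get("style") or ""))
        if tag in VOID:
            if tag == "br" and not self.skip:
                self.parts.append("\n")
        elif self.skip or hidden:
            self.skip.append(tag)
        elif tag in BLOCK:
            self.parts.append("\n")

    def handle_endtag(self, tag):
        if tag in self.skip:  # a stray end tag cannot close a hidden subtree
            while self.skip.pop() != tag:
                pass
        elif not self.skip and tag in BLOCK:
            self.parts.append("\n")

    def handle_data(self, data):
        if not self.skip:
            self.parts.append(data)

def visible_text(html):
    """Return human-visible text; comments drop out (handle_comment is a no-op)."""
    parser = _VisibleText()
    parser.feed(html)
    parser.close()
    lines = (" ".join(ln.split()) for ln in "".join(parser.parts).split("\n"))
    return "\n".join(ln for ln in lines if ln)

# Constructed sample message, not taken from the page.
SAMPLE = ('<p>Invoice attached.</p><div style="display:none">[hidden text A]'
          '</span>[hidden text B]</div><!-- [hidden text C] --><p>Thanks,<br>Dana</p>')
```

Running `visible_text(SAMPLE)` keeps the greeting and signature and drops all three hidden fragments, including the one placed after a stray `</span>` meant to confuse depth tracking.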

Ready to secure your data?

Set up PortEden in under 5 minutes. Free tier available.

Read the Docs