steve
79b62b24c2
emcli is a Go CLI that mediates an AI agent's email access, enforcing per-account read/send restrictions so credentials never reach the agent. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
1.7 KiB
1.7 KiB
emcli - PRD
A CLI utility to allows an agent skill to send and receive IMAP emails but with only with enforced restrictions configured by the user Agent never has access directly to IMAP account - everything filters through emcli Email credentials are never exposed to Agent
The reason is exists
Even with strong mandatory instructions, AI can still hallucinate - there is a need to protect against these hallucinations when using live emails
Required Functionality
- single cross platform binary
- config in encrypted SQLite file (to ensure email credentials don't leak)
- encryption key held as ENV variable - should never be exposed to calling Agent
- multiple email account support
- mark an account as "RO" (read only) or "RW" (read and send)
- whitelist-in toggle (false = allow emails from anybody to be read, true = process only emails from whitelisted inbound email addresses)
- whitelist-out toggle (false = allow emails to be sent to anybody, true = send emails only to those in whitelisted outbound email addresses)
- subject filtering - blank to ignore subject, regex to only read specific emails matching a subject
- CLI output generally as structured JSON only (for Agentic use)
- Structured JSON would likely be boolean for error (true/false), JSON blob for error details (or empty if no error), JSON blob for returned data
- Admin functions (CRUD of email accounts, white lists and other config) would be human readable output and may be interactive
- "Pointer" to last read email per account held in config - Agent can ask for only new emails
- No graphical UI needed
- TUI used for init and (re)configuration
- TUI not used for reading emails etc. - we are not building a full email client