OAuth-based access
Taskless Inbox uses Gmail OAuth so users can grant access without sharing a Gmail password.
Security
Trust before autonomy.
Taskless is being built around visible, approval-based action. This page describes current design principles without claiming certifications or production hardening that are not yet complete.
Explicit approval model
The core workflow requires approval before sending email or taking user-visible action.
Proof logs
Important detections, drafts, approvals, sends, failures, snoozes, and dismissals are logged for visibility.
Server-side token handling
Tokens are intended to be handled server side rather than exposed in browser code.
Limited AI context
The product is being designed to send only the context needed for classification and draft preparation.
Early-stage hardening roadmap
Security review, monitoring, tests, webhook verification, onboarding controls, and multi-account support remain active hardening areas.
Security contact
For security questions or responsible reports related to Taskless Inbox, contact Autora directly.
business@task-less.com