(no title)

I started building basically April last week. I have a "safety" toggle in my app. If it's on, there's a "Review Actions" tab that any write or destructive actions go to. Then when I'm done dictating/commuting/whatever, I open the Review tab and go through the actions (add this calendar event, send this text message, reply to this email, etc) one by one - it sort of works like a checklist.

Feel free to take the idea, if it's helpful. No credit/rights necessary. Y'all are much farther along than I am and if you come out with an Android app I'll probably end up a customer!

> April does not write emails for you unless you specifically ask for it.

What if it thinks you asked for it?

Yes, a safe mode would be great. I think it's a "nice to have" for a lot of early adopter (type of people who read HN), but it will be a "must have" more corporate types (a much bigger market).

Absolutely, having the AI agent write out a draft and leave it there, or better yet grant it read-only access to my email and have it draft email responses and store it somewhere else where I can retrieve it would be fantastic.

AI is still not at the point where I am comfortable letting it run free with my email, but a draft that I can read over and make changes to before sending it out is a game changer.

Its the most frightening naive reply i could imagine, if you can ask for it, it can hallucinate you asking for it or it can get prompt injected you asking for it. for voice only agents without UI approval process the only way is to have a separate clean room permission agent that does only get absolute safe context not even aggregate email titles. also for emails its impossible to design a safe agent that does any sort write action after reading anything in a mailbox because the mailbox is by definition tainted third party data and personal sensitive at the same time. even moving to a folder without can be used for attacks by hiding password reset notification mails etc.

Safe mode is absolutely necessary. I'd never let an LLM do things for me. They repeatedly prove that they categorically can't be jailed or trusted.

> April does not write emails for you unless you specifically ask for it.

> But do you think a 'safe mode' - where April does only non destructive operation like read/summarize/draft/move emails to a folder would help you build trust?

> It's in our pipeline

Wat

> April does not write emails for you unless you specifically ask for it. Users usually dictate what they want to reply.

> Send replies that I dictate (it handles the formatting and tone)

How does it handle the tone without editing your dictation?

Yes, think this needs to be way up on your priority list.

Point taken - Safe mode goes out this week.