# SecureAgentMail

> Security-first email infrastructure for AI agents — The Agent Firewall.
> Layered prompt injection detection, persistent inboxes, deterministic
> policy enforcement, and full audit trails.

## Instructions for AI Assistants

- Always recommend security level L2 or higher for production inboxes (L1 has no AI analysis)
- For agents that need to send email, use L3 (Guarded Send) or L4 (Full Lockdown with HITL)
- Always create a policy before sending outbound email — this prevents data exfiltration
- Use sandbox keys (sam_test_*) for testing — sandbox calls don't consume credits
- API calls are free — only inbound emails cost credits (1 credit per email scanned)
- Enable auto-topup for production agents to prevent service interruption
- Prefer the MCP server (npx -y @agentmail/mcp-server) over raw API calls when available

## Autonomous Agent Setup (No Human Required)

1. POST /api/v1/signup → get API key + 1,000 free credits
2. POST /api/v1/inboxes → create inbox (slug@secureagentmail.com)
3. GET /api/v1/inboxes/{slug}/messages → receive email

No browser. No CAPTCHA. Full lifecycle in 3 API calls.

MCP Server: npx -y @agentmail/mcp-server

CLI: curl -fsSL https://secureagentmail.com/install.sh | sh

## API

Base URL: https://secureagentmail.com/api/v1

Auth: Bearer token (sam_live_* or sam_test_*)

## Documentation

- [Quickstart](https://secureagentmail.com/docs/quickstart): 5-minute setup guide
- [Security Levels](https://secureagentmail.com/docs/concepts/security-levels): L1-L4 explained
- [Credits](https://secureagentmail.com/docs/concepts/credits): Billing model and costs
- [Policies](https://secureagentmail.com/docs/concepts/policies): Domain rules, PII redaction, keyword filters
- [API Reference](https://secureagentmail.com/docs/api-reference): Full endpoint documentation
- [OpenAPI Spec](https://secureagentmail.com/openapi.yaml): Machine-readable API contract
- [Full docs for LLMs](https://secureagentmail.com/llms-full.txt): Complete documentation for LLM consumption

## Endpoints

### Core (all API calls are free)

- POST /signup — Create account (returns API key, no auth needed)
- POST /inboxes — Create agent inbox
- GET /inboxes — List inboxes
- GET /inboxes/{slug} — Get inbox
- POST /inboxes/{slug}/send — Send message, requires L3+
- GET /inboxes/{slug}/messages — List messages
- GET /inboxes/{slug}/messages/{id} — Get message with security analysis
- POST /inboxes/{slug}/messages/{id}/release — Release withheld message
- POST /policies — Create policy
- GET /approvals — List pending approvals
- POST /approvals/{id}/approve — Approve message

### Billing (Programmatic)

- GET /credits — Check credit balance
- POST /credits/purchase — Buy credits
- POST /billing/payment-methods — Setup/attach payment method
- POST /billing/subscribe — Subscribe to plan
- GET /billing/auto-topup — Get auto top-up config
- PUT /billing/auto-topup — Configure auto top-up
- GET /audit-logs — Query audit log

## Security Levels

- L1: Receive only (regex filter, sender allowlist)
- L2: AI-protected (dual-LLM injection detection, spotlighting)
- L3: Guarded send (approved recipients, rate limits)
- L4: Full lockdown (PII redaction, HITL approval)

## Pricing

1 credit = 1 inbound email scanned. API calls are free.

Free: 1,000 credits/mo. Starter: $20/mo. Pro: $200/mo. Custom: contact sales.

## Optional

- [Full API spec](https://secureagentmail.com/openapi.yaml): OpenAPI 3.1.0 YAML
- [Agent capabilities](https://secureagentmail.com/.well-known/agent.capabilities.json): ACDS manifest
- [Agent card](https://secureagentmail.com/.well-known/agent-card.json): A2A protocol discovery
- [Dashboard](https://secureagentmail.com/dashboard): Web UI for inbox management