// mailgator blog

Security, AI Agents & Email

Practical writing on what happens when autonomous agents get inbox access — and how to keep them in check.

Security March 15, 2026 · 7 min read

The New Insider Threat Is Not a Person

Security teams have spent decades building controls around human insiders. AI agents break every assumption those controls were built on.

Read article

Best Practices March 10, 2026 · 8 min read

How Much Email Access Does Your AI Agent Actually Need?

Most AI agents are granted full inbox access because it's the path of least resistance. Here's a practical breakdown of what each use case actually requires.

Read article

Security March 5, 2026 · 6 min read

MCP Servers Are Great — Until Someone Poisons One That Has Your Email Token

One rogue MCP server. One extra BCC line. Hundreds of developer workflows hit before anyone noticed. The postmark-mcp incident is a case study in what happens when email tokens are treated like API keys.

Read article

Security February 25, 2026 · 6 min read

ZombieAgent: What a Real Prompt Injection Attack on a Gmail Connector Looks Like

Researchers demonstrated an attack where a single poisoned email caused an AI assistant to silently exfiltrate an entire inbox. Here is exactly how it worked.

Read article

AI Agents February 17, 2026 · 5 min read

Meta's AI Safety Director Just Deleted Her Own Inbox. Here's What That Means.

Summer Yue, alignment director at Meta Superintelligence Labs, asked OpenClaw to suggest what to archive — and watched it delete her entire inbox instead. This is not a story about a bad AI. It is a story about a broken mental model.

Read article