Stop sharing your Gmail with your AI agent.
The OAuth button is right there and your agent 'just needs' the inbox. It's the single decision that causes the most long-term regret.
Every AI agent tutorial starts the same way. Step 4: 'Connect your Gmail.' You click through the OAuth consent, the agent gets read and send scopes on your primary email, and for about a week everything works beautifully. Then a bug in the agent sends an apology email to every person you've ever emailed. Or the agent's API key leaks and now someone else has your inbox. Or you change jobs and your personal assistant agent loses access along with your employer's SSO.
None of these failure modes are avoidable while the agent is pretending to be you. The fix is structural: the agent should have its own Gmail-equivalent mailbox, distinct from yours, with its own credentials and its own blast radius.
What goes wrong when the agent is you
The first problem is attribution. Every email the agent sends shows up in your Sent folder. Every reply lands in your Inbox. A month later you're trying to remember whether a particular message came from you or from the agent, and the answer matters because one of them is a legal commitment and the other is a hallucination.
The second problem is scope. OAuth grants are coarse. The agent that 'just' needs to send follow-ups now has full read access to your tax returns, your medical records, and your HR emails. No audit log tells you what it's read — only what it's acted on. When the agent misbehaves, the blast radius is your entire email history.
The third problem is revocation. Turning off the agent is a multi-step scavenger hunt across Google's security page, your password manager, whatever service gave the agent an API key, and any downstream OAuth grants the agent minted on your behalf. Most people do the first step and stop.
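The scope problem described above can be checked before an agent goes live. The following is an added example, not code from Loomal or from this page's author: it compares the Gmail scopes on a token with what the agent's task needs, reports the excess reach, and names the narrowest scope set that would do. The scope URLs are Google's; the capability labels and the sample tokeninfo response are constructed for this example.

```python
import json
from itertools import combinations

G = "https://www.googleapis.com/auth/gmail."
# What each Gmail OAuth scope lets a token holder do (capability names are
# this example's own labels, not Google identifiers).
SCOPE_CAPS = {
    "https://mail.google.com/": {"read_bodies", "read_headers", "send", "modify", "purge"},
    G + "modify":   {"read_bodies", "read_headers", "send", "modify"},
    G + "readonly": {"read_bodies", "read_headers"},
    G + "metadata": {"read_headers"},
    G + "compose":  {"send", "drafts"},
    G + "send":     {"send"},
}

def caps_of(scopes):
    """Union of capabilities conferred by a collection of known scopes."""
    return set().union(*(SCOPE_CAPS[s] for s in scopes))

def narrowest(needed):
    """Scope set covering `needed` with the least excess, then the fewest scopes."""
    best = None
    for n in range(1, len(SCOPE_CAPS) + 1):
        for combo in combinations(sorted(SCOPE_CAPS), n):
            caps = caps_of(combo)
            if needed <= caps:
                key = (len(caps - needed), n)
                if best is None or key < best[0]:
                    best = (key, list(combo))
    return best[1] if best else None

def audit_grant(tokeninfo_json, needed):
    """Compare a token's Gmail reach with what the agent's task requires."""
    scopes = json.loads(tokeninfo_json).get("scope", "").split()
    granted = caps_of([s for s in scopes if s in SCOPE_CAPS])
    return {
        "excess": granted - needed,    # reach the task never asked for
        "missing": needed - granted,   # task needs that the grant lacks
        "unmapped": [s for s in scopes if s not in SCOPE_CAPS],
        "narrowest": narrowest(needed),
    }

# Constructed tokeninfo response for an agent granted "read and send".
SAMPLE = json.dumps({"scope": G + "readonly " + G + "send openid", "expires_in": "3599"})

if __name__ == "__main__":
    print(audit_grant(SAMPLE, needed={"send"}))
```

For an agent that only sends follow-ups, the report shows the whole read side of the grant as excess, which is the blast radius the section describes.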
What 'own inbox' actually means
A real mailbox on a DKIM-signed domain, with its own address. Mail to it lands in a place only the agent reads; mail from it goes out with the agent's From header, not yours. Threading is automatic. Labels are separate. The whole mailbox is scoped to the agent's identity and dies with it when you retire the agent.
This is not a forwarding alias (alice+agent@yourcompany.com), not a shared team mailbox, not a throwaway Gmail account you created as a workaround. Those all reintroduce the problems above in subtler forms. What you want is infrastructure: the agent is a first-class email participant with its own routable address.
The Loomal version
Each Loomal identity ships with a real mailbox (agent-xyz@loomal.ai by default, or a custom domain on paid plans). The agent authenticates with one API key; it reads, sends, and replies from its own address. You can watch the audit log to see exactly what it's done, restricted to that one identity.
When you're done with the agent — because it was a prototype, because it belonged to a project that ended, because you replaced it with a better version — you revoke the identity and the mailbox goes with it. Every credential stored in the attached vault goes with it too. One operation, clean cut.
FAQ
But my agent needs to read MY Gmail specifically.
Some do — an email-sorting assistant for your personal inbox, for example. For those, Gmail API or Nylas is the right answer and you should accept the OAuth maintenance burden consciously. Most agents don't actually need this; they need *an* inbox, not *your* inbox.
Can I forward my Gmail to a Loomal address?
Yes. Set a filter in Gmail to forward messages matching certain criteria to the agent's Loomal address. The agent reads, processes, and acts — without needing OAuth into your primary account.
What happens to the agent's mailbox if I stop using Loomal?
Export the messages and delete the identity. Mail archives are portable; identities are not. We don't hold your data hostage.
Last updated: 2026-04-15