# MailSubsystem Core Safety Notes

MailSubsystem can move real mail. Treat the pre-release Core as developer-focused software and follow these defaults until hardening is complete.

## Use A Sandbox Mailbox First

Create a throwaway IMAP account or non-critical secondary account before connecting anything you depend on. The filing agent makes real `IMAP MOVE` calls.

## Always Dry-Run Filing

```bash
./target/release/mailsubsystem file --dry-run
```

Review proposed moves before running `file` without the flag.

## Be Explicit About Hosted Models

Configuring a frontier provider means selected email content can leave your machine.

- Hybrid mode escalates to the frontier provider when local confidence falls below `CONFIDENCE_THRESHOLD`.
- The Core does not redact PII from prompts.
- Audit which messages were processed by which provider through database analysis records.

## Production Mailboxes

Do not connect business-critical mailboxes until:

- Phase 5 hardening is complete.
- You have backups or mailbox snapshots.
- You have run at least a week of dry-run filing and are satisfied with the recommendations.

## Reporting Issues

Open issues at:

https://github.com/iamcobolt/MailSubsystem.git

Include `run_id` from JSON logs (`LOG_FORMAT=json`) when reporting agent behavior.
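
One way to pull the lines for a single run out of a log before filing an issue, as an added example (not MailSubsystem's own code). It assumes `LOG_FORMAT=json` emits one JSON object per line; only the `run_id` key comes from this page, the other keys and the sample lines are constructed, and the email masking is an added precaution for a public issue tracker.

```python
import json
import re

# Constructed sample of JSON-lines output. Only `run_id` is documented on
# this page; `level`, `msg` and all values are assumptions for illustration.
SAMPLE_LOG = """\
{"run_id": "run-0001", "level": "info", "msg": "dry-run start"}
{"run_id": "run-0001", "level": "info", "msg": "propose move for alice@example.com to Receipts"}
starting up (non-JSON banner line)
{"run_id": "run-0002", "level": "warn", "msg": "low confidence, escalating"}
{"level": "info", "msg": "no run id on this line"}
"""

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def mask(value):
    """Recursively replace email addresses inside strings, dicts and lists."""
    if isinstance(value, str):
        return EMAIL_RE.sub("<redacted-email>", value)
    if isinstance(value, dict):
        return {key: mask(item) for key, item in value.items()}
    if isinstance(value, list):
        return [mask(item) for item in value]
    return value


def group_by_run(text):
    """Map run_id -> masked records, skipping non-JSON lines and lines without run_id."""
    runs = {}
    for line in text.splitlines():
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # banners, stack traces, blank lines
        if not isinstance(record, dict) or "run_id" not in record:
            continue
        runs.setdefault(str(record["run_id"]), []).append(mask(record))
    return runs


def issue_excerpt(text, run_id):
    """Return the masked log lines for one run, one JSON object per line."""
    records = group_by_run(text).get(run_id, [])
    return "\n".join(json.dumps(record, sort_keys=True) for record in records)


if __name__ == "__main__":
    for rid, records in group_by_run(SAMPLE_LOG).items():
        print(rid, len(records), "lines")
    print(issue_excerpt(SAMPLE_LOG, "run-0001"))
```

The mask only covers email addresses; read the excerpt for subjects, names or other message content before posting it.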

