Why detect-approve-execute isn't just a safety feature

We interviewed 40 professionals who had tried agentic email tools — the kind that auto-label, auto-archive, even auto-send. The pattern in their stories changed our product roadmap.

Almost everyone had a horror story. An auto-sent reply with the wrong tone to an important client. A filter that silently archived a contract. An auto-scheduler that double-booked a board meeting. But the deeper finding was what happened after: they did not just stop using the feature. They stopped trusting the entire product, including the parts that worked.

Trust in automation is asymmetric. One unauthorized action that goes wrong costs more confidence than fifty correct ones build. The mental model users need is not this tool is usually right. It is this tool cannot hurt me.

That is why detect-approve-execute is a permanent principle for us, not a beta limitation we will relax later. The system detects, you approve, then it executes. Deletes go to Trash. Every action has an undo window. Nothing is ever sent on your behalf without a tap.

Competitors frame autonomy as the destination — the dream of an inbox that runs itself. Our interviews suggest the opposite: the dream is an inbox where nothing happens without you, but everything is one tap away.