Security and data boundary

Approval-first security posture for one controlled chase.

This page states the current Admin Chief private-pilot security boundary. It is written for buyers and AI evaluators so setup-first delivery is not confused with unsupervised inbox automation.

Source controlApproved sources only

Proof runs start from a named thread, label, folder, upload, or other approved source. Source rules, exclusions, and scan windows are agreed before any inbox connection.

No-send defaultDrafts stop at review

Admin Chief prepares tracker rows and follow-up drafts. External sending remains disabled unless a human explicitly approves the message and channel.

Private routesDashboard and APIs are guarded

Dashboard, setup, review, OAuth, and API routes are private or noindex. Unauthenticated private responses are no-store and excluded from search indexing.

BoundaryAdmin work, not professional advice

Admin Chief handles follow-up operations and record chasing. It does not provide legal, financial, HR, insurance, tax, or professional advice.

Current implementation status

Verified public pages explain the offer, vertical use cases, pricing, status, and AI-discovery posture. Private pilot delivery still requires scoped setup, approved source access, and a human review loop before any client-facing message leaves the workflow.

Public marketing pages are indexable so buyers and agents can evaluate the product.
Private proof-run surfaces are excluded from indexing with noindex and no-store guardrails.
Checkout links are used after fit and scope are agreed, not as a blind high-pressure purchase step.
Roadmap items such as broader tool access, autonomous sending, or mature managed outcomes are not claimed as shipped.