mike-cardwell 5 hours ago

I received this email the other day:

  From: Kushal <kushal@kushalsm.com>
  Date: Mon, 18 May 2026 05:03:11 +0000

  Saw your question on the Agent Vault thread about websocket-frame auth
  (Home Assistant) and the worry about the model reflecting the bearer
  token back into its own context.

  chrome-relay's answer is structurally different: the credential never
  enters the agent's context because the agent never touches it — the HA
  session lives in your real Chrome (cookies, WS handshake and all), and
  the agent drives the tab over CDP, only ever seeing the rendered page.
  URL: https://chrome-relay.kushalsm.com/

  For your HA + agent setup today, are you keeping the session alive in a
  browser the agent attaches to, or doing the WS auth on the agent side
  and managing the token-in-context risk yourself?

  Kushal

Read to me like an LLM had written it. It references something I said in a HN comment, but it was clearly just an excuse to spamvertise their product.

I looked at the headers and it contained a List-Unsubscribe header pointing to https://api.agentmail.to

So basically somebody wrote a bot to scrape HN for comments related to some software they wanted to push and send targeted spam. agentmail.to is a Y Combinator funded email service for LLMs which can be, and is, used to send targeted spam and impersonate people. They could mostly solve this problem by adding a block of text to every email explaining an "AI" wrote it. They'd lose customers doing that though of course. I reported this abuse but haven't (and don't expect to) received a response.

I don't even get the point anyway. You can get Claude using an SMTP or IMAP server in seconds.
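
The header check described in the comment above, as an added example that is not part of the thread: it parses a message's List-Unsubscribe header (RFC 2369) and lists the hosts that do not belong to the From domain. The sample message is constructed; only the From address and the api.agentmail.to host come from the comment, and the URL path, the mailto entry and the function names are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample. From and the https host follow the comment above;
# the URL path, the mailto entry and the other headers are placeholders.
SAMPLE = """\
From: Kushal <kushal@kushalsm.com>
To: recipient@example.org
Subject: placeholder subject
List-Unsubscribe: <https://api.agentmail.to/unsubscribe/PLACEHOLDER>,
 <mailto:unsubscribe@example.net?subject=unsubscribe>
List-Unsubscribe-Post: List-Unsubscribe=One-Click

body
"""

def unsubscribe_hosts(msg):
    """Hosts named in List-Unsubscribe, a comma-separated list of <URI>s."""
    hosts = []
    for value in msg.get_all("List-Unsubscribe", []):
        for uri in re.findall(r"<([^<>]+)>", value):  # survives folded lines
            parts = urlsplit(uri.strip())
            host = None
            if parts.scheme in ("http", "https"):
                host = parts.hostname
            elif parts.scheme == "mailto" and "@" in parts.path:
                host = parts.path.rpartition("@")[2]
            if host and host.lower() not in hosts:
                hosts.append(host.lower())
    return hosts

def same_site(host, domain):
    # Treat the From domain and its subdomains as first-party.
    return host == domain or host.endswith("." + domain)

def triage(raw):
    """Summarise who the bulk-mail headers say is really sending."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    hosts = unsubscribe_hosts(msg)
    return {
        "from_domain": from_domain,
        "bulk_headers": bool(hosts) or "List-Unsubscribe-Post" in msg,
        "third_party_hosts": [h for h in hosts if not same_site(h, from_domain)],
    }
```

A third-party host here only says which service handled the send; many legitimate newsletters also unsubscribe through their provider's domain, so the result is a lead for an abuse report rather than a verdict.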

adisingh13 5 hours ago | parent | next [-]

Appreciate the concern Mike, and I actually read your email complaining, which helped us ship this next feature. We have a "sent via AgentMail" footer being added soon to outbound emails to identify emails coming from LLMs.

We also are working on adding more robust checks and LLM-based filtering to prevent messages which contain spam or outbound-like copy.

Re: AgentMail next to Claude, we're working on stateful inboxes which help agents actually recall and understand what they're sending and to who. The goal is to provide the rails for intelligent actors rather than slop.

ceheaaf 2 hours ago | parent | next [-]

So, a footer to make sure they've already engaged with the content in good faith before seeing the spam warning, and which doesn't actually explain that the content is AI generated?

Just go post on black hat forums. Plenty of people want this, it's a spam service. You don't need to be here.

mike-cardwell 5 hours ago | parent | prev | next [-]

Re "sent via AgentMail" - that's good to hear, but I hope it's not the entire planned text, as "AgentMail" will mean nothing to most people that receive an email from your service. It won't indicate that the email was composed by an AI rather than a person, which is the information that needs to get across.

adisingh13 2 hours ago | parent [-]

yep we're going to have a footer linked to our website, which should allow people to see that we are an email service for agents. thanks!

echoangle 2 hours ago | parent [-]

Can you not just make the text more descriptive? „Sent by a generative AI model“ or something? Nobody is going to click a link in a spam email.

arewethereyeta 2 hours ago | parent | prev [-]

"sent via AgentMail" - removable by a higher plan later on

dgellow 5 hours ago | parent | prev | next [-]

You might want to check if your local laws protect against unsolicited emails. In Germany we have §7 UWG which would make that email likely illegal. The List-Unsubscribe header makes it clear it is marketing, automated outreach and not personal. In the UK there is this: https://ico.org.uk/for-organisations/direct-marketing-and-pr...

sanjayparekh 5 hours ago | parent | prev [-]

See my comment in this thread - I got an email from "someone" (an AI clearly) that signed up for my service (togetherletters.com) from the same domain (agentmail.to) after we had launched on ProductHunt. I looked up the address and that email was never used for a signup and it was just a way to then pitch their product (second email, not the first one it sent). I hate this so much and this is going to now make email just as bad as parts of the web.

sanjayparekh 5 hours ago | parent | next [-]

I will say in my case, the user was too lazy to mask the from address and agentmail.to was right there. Didn't even have to dig into the headers.

adisingh13 5 hours ago | parent [-]

This was likely a free tier user. We do this intentionally and don't allow free users to send from custom domains, so you can have an easier time identifying LLM emails. In this case, it seemed like it worked :)

echoangle 2 hours ago | parent [-]

And for paid users the receivers don’t need to have an easier time identifying the LLM email? What kind of reasoning is that?

ramon156 4 hours ago | parent | prev [-]

I got one from IssuePay, which seemed 100% automated. Didn't seem like something that should be automated either.