Email infrastructure for AI agents

Your agents. Your identities.
Zero trust required.

AVIS is a stateless CLI that gives AI agents access to real Gmail identities — your support@acme.com, your personal inbox. OAuth2 PKCE auth, ChaCha20-encrypted credentials, everything local. No AVIS server exists. Nothing to breach.

Early access

Get on the waitlist

We'll email you when AVIS is ready for production use. No spam.

terminal
# Add an identity (opens browser for OAuth2)
$ avis add ops
→ {"identity":"ops","email":"ops@acme.com","status":"ready"}

# Agent signs up for a service
$ avis send ops -t service@example.com -s "Register" -b "Verify me"

# Wait for the verification email
$ avis wait ops -f service@example.com -t 60

# Extract the OTP code
$ avis extract ops --first-code
→ {"codes":["482910"]}
The thesis

Trust is infrastructure, not a feature

When an agent emails from support@acme.com, it inherits 20 years of deliverability reputation — SPF, DKIM, DMARC, sender history. No platform can provision that. It's earned.

Other solutions route your email through their servers. Your credentials leave your machine, your data lives on their infrastructure, and your agents depend on their uptime.

AVIS delegates directly to Google. Your refresh tokens are ChaCha20-Poly1305 encrypted and stored at ~/.avis/. There is no AVIS cloud. There is nothing to breach.

Comparison

AVIS vs. the alternatives

AgentMail gws CLI AVIS
Infrastructure Their cloud Gmail Gmail direct
Credential custody Their servers Your machine Your machine
Multi-identity API-managed 1 account Unlimited
Wait / Extract No No Built-in
Single point of failure AgentMail + Google Google Google only
Output format REST API Verbose JSON Flat JSON