TrekMail

Drive Security, Audit Trail, and Safe Delete/Purge Rules

This guide explains how to operate Drive automation safely with scoped tokens, audit logs, Trash-first deletion, purge separation, and link controls, so you can complete the TrekMail task with confidence.

Article details

Type: Reference
Difficulty: Intermediate
Plans: Starter · Pro · Agency · + Drive Add-on
Last updated: May 9, 2026

Drive automation is powerful because it can move, share, and delete files. The same power needs clear safety rules. TrekMail's Drive API combines scoped tokens, recoverable Trash, explicit purge permissions, MCP safety gates, and audit logging so agents can work without becoming invisible file administrators.

Use narrow tokens

Create one token per workflow. A reporting token needs only read access. An upload token needs write access. A delivery token needs share access. A cleanup token may purge, but it should be separate, named clearly, and used rarely.

Avoid giving a single always-on agent every Drive scope. If something goes wrong, a narrow token limits the blast radius and makes audit review easier.

Trash first, purge later

A normal delete moves files and folders to Trash. Trash is recoverable. Purge is permanent.

Use this default rule:

Agents may trash files as part of an approved workflow. Agents may purge files only when the user explicitly requested permanent deletion or when a reviewed maintenance job is running.

In MCP, permanent delete tools should require TREKMAIL_ALLOW_DESTRUCTIVE=true plus the matching purge scope.

Review public links

Public share links are designed for external delivery. Anyone with the URL can download until the link expires, reaches its download cap, or is revoked.

Safer defaults:

  • Set an expiry date.
  • Set a download cap.
  • Revoke links when a project ends.
  • Do not create public links for files that require named-recipient access unless your policy allows it.

Audit every mutating workflow

Mutating Drive API and MCP actions are recorded with token attribution. Use AI Agents & API → Audit Log to answer:

  • Which token created this folder?
  • Which agent uploaded the file?
  • When was a public link created or revoked?
  • Was a purge action performed?

If a token is revoked later, historical audit entries remain useful for review.

Mailbox constraints

When an agent only needs one mailbox Drive, constrain the token to that mailbox. The API will not reveal resources outside the constraint. This is especially important for assistants embedded in a single mailbox workflow.
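The rules above (Trash first with purge behind TREKMAIL_ALLOW_DESTRUCTIVE plus the purge scope, token-attributed audit entries for every mutating call, and the mailbox constraint) can be expressed as one gate in front of MCP tool calls. The code below is an added illustration, not TrekMail's own MCP server or API; the tool names, scope names (drive:write, drive:purge, drive:share) and the AuditEntry shape are assumptions, and only the TREKMAIL_ALLOW_DESTRUCTIVE variable comes from this guide.

```python
import os
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Mapping, Optional

# Hypothetical tool and scope names: only TREKMAIL_ALLOW_DESTRUCTIVE comes from
# this guide; TrekMail's real identifiers are not shown here.
TOOL_SCOPES = {
    "drive.trash_file": "drive:write",   # recoverable: normal workflow delete
    "drive.purge_file": "drive:purge",   # permanent: needs the extra gate
    "drive.create_public_link": "drive:share",
}
DESTRUCTIVE_TOOLS = {"drive.purge_file"}

@dataclass(frozen=True)
class Token:
    name: str
    scopes: frozenset
    mailbox: Optional[str] = None  # None = not constrained to one mailbox

@dataclass
class AuditEntry:
    token: str      # attribution: which token made the call
    tool: str
    mailbox: str
    allowed: bool
    reason: str
    at: str = field(default_factory=lambda: datetime.now(timezone.utc).isoformat())

def gate(token: Token, tool: str, mailbox: str,
         env: Optional[Mapping[str, str]] = None) -> AuditEntry:
    """Decide whether an MCP tool call may run and record the decision.
    Order: known tool, mailbox constraint, scope, then the destructive flag."""
    env = os.environ if env is None else env
    scope = TOOL_SCOPES.get(tool)
    if scope is None:
        return AuditEntry(token.name, tool, mailbox, False, "unknown tool")
    if token.mailbox is not None and token.mailbox != mailbox:
        return AuditEntry(token.name, tool, mailbox, False, "outside mailbox constraint")
    if scope not in token.scopes:
        return AuditEntry(token.name, tool, mailbox, False, f"missing scope {scope}")
    if tool in DESTRUCTIVE_TOOLS and env.get("TREKMAIL_ALLOW_DESTRUCTIVE") != "true":
        return AuditEntry(token.name, tool, mailbox, False,
                          "TREKMAIL_ALLOW_DESTRUCTIVE is not true")
    return AuditEntry(token.name, tool, mailbox, True, "allowed")
```

Every call, allowed or denied, produces an entry carrying the token name, so a later review filtered by token (step 2 of the incident checklist) still works after that token is revoked.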

Billing safety

Drive Add-on billing changes are not exposed through API or MCP write tools. Agents may read add-on status and pricing, but purchase, resize, and cancel actions stay in the dashboard. This prevents a file automation token from becoming a billing automation token.

Incident checklist

If an agent did something unexpected:

  1. Revoke the token.
  2. Review the audit log filtered by that token.
  3. Restore files from Trash where possible.
  4. Revoke unintended share links.
  5. Create a narrower replacement token only after the workflow is corrected.
