# Connex Agent Mailbox Skill

Use Connex when an AI agent, MCP server, SaaS product, or AI organization needs a governed mailbox and operations layer.

## Prime Directive
Do not send external email or perform risky workflow changes unless Connex policy, the source app, and a human approval gate allow it.

## First Steps
1. Read https://connexmail.com/.well-known/connex-agent.
2. Read https://connexmail.com/llms.txt.
3. Use https://connexmail.com/api/connex/integration-preview for no-auth dry runs.
4. Ask the human/operator for a server-side Connex API key only when production ingestion is needed.

## No-Auth Preview Call
```bash
curl -sS https://connexmail.com/api/connex/integration-preview \
  -H 'content-type: application/json' \
  -d '{
    "app":"your-agent",
    "sourceSystem":"mcp-server",
    "eventType":"agent_task_created",
    "message":{"subject":"Agent task","body":"Need to route this to the right operator."},
    "sourceMailbox":{"senderIdentityOwner":"source_app","replyPolicy":"source_app_only"}
  }'
```

## Authenticated Production Calls
Use `Authorization: Bearer cxk_live_*` from a secure server environment. Connex API keys currently use the `cxk_live_*` format.
Current API-key endpoints cover event/status ingestion, outcomes, insights, and trust. Mailbox lifecycle APIs, public MCP tools, webhooks, and WebSockets are planned protocol surfaces; do not assume they are live unless discovery marks them live.

- Validate key: `POST /api/connex/key-check`
- Ingest event: `POST /api/connex/integration-event`
- Report outcome: `POST /api/connex/integration-outcome`
- Read insights: `POST /api/connex/integration-insights`
- Read trust: `POST /api/connex/trust`

## Mailbox Identity Rules
- If Connex owns the mailbox, use `senderIdentityOwner: "connex"`.
- If another app owns the thread, use `senderIdentityOwner: "source_app"` and `replyPolicy: "source_app_only"`.
- If a customer verified domain owns the visible sender, use `senderIdentityOwner: "customer_domain"` and `replyPolicy: "source_app_only"`.

## Safety Rules
- Never expose Connex API keys.
- Never bypass approval requirements.
- Never auto-send model-generated replies.
- Never reply from a Connex address to a source-owned customer-domain thread.
- Always record outcomes after applying or rejecting Connex operations.
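
A local pre-flight check for the Mailbox Identity Rules and the key-exposure rule above, run before any payload leaves the agent. This is an added example, not Connex code: `preflight`, `KEY_LIKE`, the key character class, and the choice to reject a missing `sourceMailbox` are assumptions of this sketch.

```python
import json
import re

# Values listed under "Mailbox Identity Rules" on this page.
KNOWN_OWNERS = {"connex", "source_app", "customer_domain"}
SOURCE_OWNED = {"source_app", "customer_domain"}
# The page gives the key format as cxk_live_*; the character class after the
# prefix is an assumption made for this example.
KEY_LIKE = re.compile(r"cxk_live_[A-Za-z0-9_-]+")


def preflight(payload):
    """Return a list of rule violations; an empty list means no rule here was broken."""
    problems = []
    mailbox = payload.get("sourceMailbox")
    if not isinstance(mailbox, dict):
        # Assumption: this example requires the sender identity to be explicit.
        problems.append("sourceMailbox is missing or not an object")
    else:
        owner = mailbox.get("senderIdentityOwner")
        policy = mailbox.get("replyPolicy")
        if not isinstance(owner, str) or owner not in KNOWN_OWNERS:
            problems.append(f"unknown senderIdentityOwner: {owner!r}")
        elif owner in SOURCE_OWNED and policy != "source_app_only":
            problems.append(f"{owner} requires replyPolicy 'source_app_only', got {policy!r}")
    # Keys belong in the Authorization header, never in event data.
    if KEY_LIKE.search(json.dumps(payload, default=str)):
        problems.append("payload contains a string that looks like a Connex API key")
    return problems


# Constructed sample payload, modelled on the preview call above.
SAMPLE = {
    "app": "your-agent",
    "sourceSystem": "mcp-server",
    "eventType": "agent_task_created",
    "message": {"subject": "Agent task", "body": "Need to route this to the right operator."},
    "sourceMailbox": {"senderIdentityOwner": "source_app", "replyPolicy": "source_app_only"},
}

if __name__ == "__main__":
    print(preflight(SAMPLE) or "ok")
```

A non-empty result should stop the call and go to the human/operator; it does not replace Connex policy or the approval gate.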
