1. Security posture
GuardScope is designed as a user-triggered Gmail analysis tool with a conservative data posture. The core security principle is to process only the email data needed to produce a requested scan, return advisory results, and avoid storing email content in GuardScope databases.
2. Data minimization controls
- Scans run only when the user initiates analysis from the extension.
- Email content is transmitted for analysis and is not stored in GuardScope databases after the response is produced.
- Anonymous access is limited to reduce abuse while keeping the launch experience usable.
- Account, quota, promo, subscription, and diagnostic metadata are separated from email content.
- Public website copy avoids guaranteed-protection claims and presents results as advisory.
3. Chrome extension boundaries
- The extension's purpose is to analyze Gmail messages for threats before users click or respond.
- Gmail content is accessed only to analyze the currently selected message.
- The extension should request only permissions needed for Gmail page integration, storage, network calls to GuardScope, and user-requested functionality.
- The Chrome Web Store listing, privacy policy, and permission justifications should describe the same single purpose.
4. Backend and API protections
- Rate limits are applied to anonymous analysis, signup, promo-code validation, and other sensitive routes where abuse risk exists.
- The backend enforces quota rules independently of website copy or extension UI.
- Anonymous users receive 5 messages per day; signed-in free users receive 5 messages per month unless changed in backend constants.
- Promo-code redemption is server-side and should remain tied to account or email identity to reduce resale and duplicate redemption.
- Sensitive provider keys must remain server-side and never ship in the extension bundle.
5. Third-party provider risk management
GuardScope uses specialist providers for AI-assisted analysis, threat intelligence, hosting, authentication, payments, DNS/RDAP, and email delivery. Provider results can be incomplete or delayed, so GuardScope combines signals and presents advisory findings instead of absolute guarantees.
6. Logging and diagnostics
Operational logs should avoid storing email bodies, subjects, recipients, headers, and extracted email content. Logs may include request identifiers, status codes, timing, account tier, quota events, and error information needed for security monitoring and support.
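One way to enforce this logging rule is an allowlist applied before any event reaches the log sink. The sketch below is an added example, not GuardScope's own code; the field names, tier values, and quota event names are assumptions chosen to match the categories listed above.

```javascript
// Added example: allowlist-based log sanitizer. All field names and
// enum values are assumptions, not GuardScope's real log schema.
// A Map is used so keys such as "toString" cannot match inherited
// Object.prototype members and slip through the check.
const ALLOWED_FIELDS = new Map([
  ["requestId", (v) => typeof v === "string" && /^[A-Za-z0-9_-]{1,64}$/.test(v)],
  ["status", (v) => Number.isInteger(v) && v >= 100 && v <= 599],
  ["durationMs", (v) => typeof v === "number" && Number.isFinite(v) && v >= 0],
  ["accountTier", (v) => ["anonymous", "free", "paid"].includes(v)],
  ["quotaEvent", (v) => ["consumed", "exhausted", "reset"].includes(v)],
  // Error information is limited to a fixed-format code, because free-text
  // error messages can embed fragments of the email being parsed.
  ["errorCode", (v) => typeof v === "string" && /^[A-Z0-9_]{1,48}$/.test(v)],
]);

function sanitizeLogEvent(event) {
  const out = {};
  const dropped = [];
  for (const [key, value] of Object.entries(event)) {
    const isValid = ALLOWED_FIELDS.get(key);
    if (isValid && isValid(value)) {
      out[key] = value;
    } else {
      dropped.push(key); // record the field name only, never its value
    }
  }
  // Surfacing dropped names lets monitoring catch code paths that
  // try to log email content, without the content itself being stored.
  if (dropped.length > 0) out.droppedFields = dropped.sort();
  return out;
}

// Constructed sample event: a handler that wrongly attaches email content.
const sampleEvent = {
  requestId: "req_7f3a",
  status: 200,
  durationMs: 412,
  accountTier: "free",
  quotaEvent: "consumed",
  subject: "Invoice overdue",
  body: "Dear customer, please pay at the link below",
  toString: "x",
};

console.log(JSON.stringify(sanitizeLogEvent(sampleEvent)));
```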
7. Account and password security
- New account passwords must be at least 12 characters.
- Reset-password flows require a valid recovery token.
- Users are responsible for securing their own email account and GuardScope credentials.
- Users should report suspected account compromise to support immediately.
8. Responsible disclosure
If you believe you found a vulnerability in GuardScope, email support@guardscope.app with a clear description, reproduction steps, affected URLs or extension versions, and potential impact. Please do not access another user's data, run destructive tests, degrade service availability, or publicly disclose the issue before we have had a reasonable opportunity to investigate.
9. User security guidance
- Treat GuardScope as an advisory layer, not a replacement for good judgment or organizational security controls.
- Do not click links, open attachments, or send money solely because one tool appears to mark a message as safe.
- For high-risk emails, verify through an independent channel before responding or taking action.
- Report suspicious emails to your organization, email provider, or relevant abuse contact where appropriate.
10. Contact
Security reports: support@guardscope.app
Privacy requests: privacy@guardscope.app
These documents should be reviewed by qualified counsel before launch.