Interesting build. Not directly related to email security but if you're routing sensitive internal data through LLMs via an MCP layer, it's worth thinking about whether any of those internal APIs touch email infrastructure - DMARC aggregate reports, for instance, contain useful signal that some teams are starting to process with LLMs to detect anomalous sending sources.

[flagged]