The latest articles on DEV Community by Kartik Hirijaganer (@kartik_hirijaganer_d600ea). https://dev.to/kartik_hirijaganer_d600ea https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3587512%2Fdbf25207-f4b5-43cc-9948-ac2d82fc276d.jpg https://dev.to/kartik_hirijaganer_d600ea en Kartik Hirijaganer Wed, 10 Jun 2026 16:05:16 +0000 https://dev.to/kartik_hirijaganer_d600ea/i-built-an-ai-email-agent-heres-what-nobody-told-me-4i7n https://dev.to/kartik_hirijaganer_d600ea/i-built-an-ai-email-agent-heres-what-nobody-told-me-4i7n <p><em>“People hand you these single little messages that are no heavier than a river pebble. But it doesn’t take long until you have acquired a pile of pebbles that’s taller than you and heavier than you could ever hope to move.” — Merlin Mann</em></p> <p>Multiple inboxes. Multiple accounts. A pile of notifications I kept meaning to unsubscribe from but never did.</p> <p>By the time I actually checked my email each morning, I was already staring at 300+ unread messages, a mix of stuff that mattered, stuff that used to matter, and a graveyard of newsletters I’d forgotten I signed up for. It compounds fast.</p> <p>Paid tools felt like overkill. Free ones didn’t fit how I actually worked. So I built it myself, and honestly, with AI tools in the mix, the barrier to actually shipping is lower than ever.</p> <p>I spent a few days mapping out the problem: which features actually mattered and what the architecture should look like.</p> <p><strong>What Briefed actually does</strong><br> Briefed is a personal AI email agent. Every morning, it reads your Gmail and hands you back a brief, not a notification, not a summary dump, a brief. Like an executive assistant wrote it for you.</p> <p>It does four things:</p> <p><strong>Classifies.</strong> Every email gets sorted into one of four buckets: must-read, good-to-read, ignore, or waste. Against a classification rubric you own and can edit.</p> <p><strong>Summarizes.</strong> The must-read pile gets condensed. You read the gist, not the thread.</p> <p><strong>Clusters.</strong> Thirty newsletter rows become one digest entry. Your inbox stops looking like a fire hose.</p> <p><strong>Recommends.</strong> It scores your noisiest senders by volume, engagement rate, and wasted-email signals, then recommends which ones to unsubscribe from, with reasoning.</p> <p>The constraint I never compromised on: <strong>it never acts without you.</strong> No auto-archiving. No auto-unsubscribing. Every destructive action requires explicit confirmation.</p> <p><strong>The thing nobody talks about with AI products</strong><br> Here’s the truth about building production AI systems.</p> <p>The LLM call is the easy part. This is the hard part:</p> <ul> <li>3 retries with exponential backoff and jitter, applied only to retryable errors</li> <li>A circuit breaker that trips after 5 consecutive failures and fails fast instead of cascading</li> <li>Per-model hard caps (100 Haiku calls/day, cost control is not optional)</li> <li>A catalog-driven fallback chain: Gemini 2.5 Flash primary, Claude Haiku fallback, model swap without touching application code</li> <li>Per-call cost and token logging so every LLM call is auditable</li> </ul> <p>The stuff nobody sees until it breaks.</p> <p><strong>The security decision I’m most glad I made</strong></p> <p>Every user’s Gmail token and email content is encrypted at rest. But not just encrypted, envelope-encrypted, per row, with two customer-managed KMS keys.</p> <p>The encryption context binds <em><code>{user_id, table, row_id}</code></em> to every operation. A leaked ciphertext can’t be replayed across rows or users.</p> <p><em>This took extra days to implement correctly. It’s the kind of decision that feels over-engineered until the day you’re glad you made it.</em></p> <p><strong>Shipping for real</strong><br> Briefed was designed and built solo. Backend, frontend, infrastructure, CI, and documentation. What surprised me wasn’t the complexity of any single piece; it was that every piece had to work together before any of it felt real.</p> <p>It runs in production on AWS Lambda with SnapStart, behind CloudFront and AWS WAF, at roughly $8–11 a month, including two customer-managed KMS keys.</p> <p>The stack:</p> <ul> <li> <strong>Backend:</strong> FastAPI · Python 3.11 · Pydantic v2 · SQLAlchemy 2.0 async · Alembic</li> <li> <strong>AI layer:</strong> OpenRouter → Gemini 2.5 Flash + Claude Haiku fallback</li> <li> <strong>Frontend:</strong> React 18 · TypeScript · Vite</li> <li> <strong>Data:</strong> Supabase Postgres with per-row envelope encryption</li> <li> <strong>Infra:</strong> AWS Lambda · SQS · EventBridge Scheduler · CloudFront + WAF · Terraform</li> </ul> <p><strong>What I’d tell someone starting this today</strong><br> <strong>Document your decisions before you regret them.</strong> Every time I revisited a choice, I asked: Why Lambda over Fargate? Why OpenRouter? Why two KMS keys instead of one? Without documenting them, I’d be reverse-engineering my own thinking three months later.</p> <p><strong>Chaos drills before launch, not after.</strong> I drilled DLQ replay, KMS key revocation, secret rotation, and circuit breaker trips before calling the project done. Each drill uncovered at least one gap.</p> <p>Try it yourself<br> 🔗 Live demo: <a href="https://d2vki955e8ckrc.cloudfront.net/" rel="noopener noreferrer">https://d2vki955e8ckrc.cloudfront.net/</a><br> 📦 Full source: <a href="https://github.com/Kartik-Hirijaganer/Briefed" rel="noopener noreferrer">https://github.com/Kartik-Hirijaganer/Briefed</a></p> <p><em>What’s the gap between your LLM prototype and a production system?</em></p>