inbox-triage

Skill: Inbox Triage

Use this skill to classify incoming email into a conservative action taxonomy for Claude Cowork Email Ops.

Objective

Minimize inbox load without risking important misses. Default to human review when the thread contains meaningful uncertainty.

Required Inputs

• subject
• sender name and domain
• recipients and recipient count
• thread history summary
• attachment presence
• first-time sender status if available
• time sensitivity indicators
• any existing labels

Categories

• drop
• file
• surface
• prepare
• defer
• escalate
• unsubscribe_recommendation

Definitions live in ../../policies/action-taxonomy.md.

Decision Rules

Step 1: Protected-contact and high-risk scan

Immediately route to escalate or surface if the thread involves:

• Tier 0 contact
• fundraising, investor, board, legal, finance, security, personnel, press
• emotional sensitivity
• attachment from a first-time sender
• multi-party external thread
• inbound lead, application, or form-submission events where the payload could represent a real person (candidate, customer, partner) unless an explicit safe allowlist exists

Step 2: Relationship and intent scan

Evaluate:

• sender tier
• sender familiarity
• domain context
• whether the sender is a mixed-notification provider where subject/context matters more than sender identity alone
• whether action is explicitly required
• informational vs promotional vs relational vs operational nature
• time sensitivity

Do not use sender-only overrides for providers that mix high-signal and low-signal notifications. Example: noreply@notifications.hubspot.com can represent a booked meeting, a real form conversion, or a low-value digest. Classify by subject and thread context instead of forcing a single category.

Step 3: Low-value filtering

Consider drop, file, or unsubscribe_recommendation only if:

• no protected rules fired
• risk is low
• the explanation for safety is crisp and evidence-based
• there is no meaningful sent-mail or reply interaction that would make the sender relationship-bearing

Special caution:

• Treat "application submitted", "new form submission", "lead captured", "demo request", and similar events as surface by default even if they come from automation tools (Airtable, Typeform, HubSpot Forms, Webflow, etc.). These are often the start of a high-value workflow. Only allow file if the operator has explicitly confirmed the specific sender + subject pattern is noise.
• For unsubscribe_recommendation, require a clear list-mail or marketing pattern plus an available unsubscribe path before considering any live unsubscribe action.

Step 4: Draft eligibility

Consider prepare only if:

• the thread is low-stakes
• sender is known or the thread already exists
• facts are clear
• allowed draft classes match ../../policies/threshold-config.yaml

Output Object

{
  "message_id": "...",
  "thread_id": "...",
  "category": "drop|file|surface|prepare|defer|escalate|unsubscribe_recommendation",
  "action": "label_only|archive|trash|leave_in_inbox|create_draft|digest_only|unsubscribe",
  "confidence": 0.0,
  "risk": "low|medium|high",
  "reasoning_summary": ["..."],
  "draft_recommended": false,
  "human_review_required": true,
  "labels_to_apply": ["..."],
  "rollback_action": "...",
  "protected_reason": ""
}

Category Rubric

drop

• Description: obvious no-value mail
• Default action: label only until Phase 2, then trash if threshold and safety rules pass
• Confidence threshold: >= 0.995
• Exclusions: any protected tier, first-time sender with attachment, multi-party thread, forwarded thread, emotional or ambiguous context
• Confidence increases with: repeated cold-outbound patterns, bulk-sales phrases, unsubscribe footer, sender in blocklist, no reply history
• Confidence decreases with: human tone, known sender, specific context, explicit ask, shared contacts
• Failure mode: trashing a useful intro, partner lead, or unusual but real opportunity

file

• Description: no action needed, safe to archive
• Default action: archive only after Phase 1 enablement
• Confidence threshold: >= 0.985
• Exclusions: protected tier, pending action, unresolved question, attachment needing review
• Confidence increases with: pure informational content, newsletter or receipt structure, repetitive notification pattern
• Confidence decreases with: direct ask, unique context, sender familiarity, urgency
• Failure mode: burying a message that mattered even though no reply was needed

surface

• Description: important and visible, but no draft needed
• Default action: leave in inbox with a visibility label
• Confidence threshold: >= 0.80
• Exclusions: none, but high-risk variants may become escalate
• Confidence increases with: known important sender, strategic context, meeting movement, meaningful update
• Confidence decreases with: unclear intent or mixed signals
• Failure mode: under-triaging something that really needed escalate

prepare

• Description: low-stakes draft candidate
• Default action: draft only if v1 drafting is enabled
• Confidence threshold: >= 0.97
• Exclusions: high-stakes topics, unknown facts, protected contacts, emotional nuance
• Confidence increases with: routine scheduling, clear logistics, known sender, obvious reply pattern
• Confidence decreases with: ambiguity, multiple asks, reputational stakes
• Failure mode: drafting a socially tone-deaf or factually unsafe reply

defer

• Description: worth handling later, not now
• Default action: digest recommendation, optional waiting label
• Confidence threshold: >= 0.85
• Exclusions: true urgency, protected topic needing immediate attention
• Confidence increases with: optionality, low urgency, existing waiting posture
• Confidence decreases with: unclear deadline, sender importance
• Failure mode: hiding something that should stay visible

escalate

• Description: always human
• Default action: leave in inbox and label for review
• Confidence threshold: any high-risk signal should force this
• Exclusions: none
• Confidence increases with: protected contact, sensitive topic, ambiguity, emotion, attachments, external complexity
• Failure mode: overusing it and creating noise

unsubscribe_recommendation

• Description: likely worth unsubscribing or muting
• Default action: digest-only recommendation unless explicit auto-unsubscribe config is enabled and all unsubscribe safety gates pass
• Confidence threshold: >= 0.90
• Exclusions: newsletters intentionally kept for signal, investor/customer updates, personal senders
• Confidence increases with: repeated low-open-value pattern, obvious marketing mail, event spam, no reply history, no sent-mail interaction inside the lookback window, presence of a standard unsubscribe path
• Confidence decreases with: real relationship value, niche signal the operator actually wants, recent interaction, mixed-notification ambiguity
• Failure mode: suggesting removal of a useful information source or silently unsubscribing from a sender that still matters

Labels

Apply labels according to ../../policies/label-strategy.md.

Explainability Standard

Every action needs a one-sentence answer to: “Why is this safe enough?” If the answer is weak, choose escalate, surface, or digest-only behavior.