Pre-launch audit

Private-message privacy audit

A private-message privacy audit for TypeToSell should prove that public reply drafting is never summarized as private messages, hidden inbox monitoring, DM scraping, or unattended outreach. The audit should confirm that pages explain visible or user-provided context, public X/Reddit/Facebook reply and comment workflows, selected draft insertion or copy, privacy links, permission boundaries, and manual final sending.

Last updated: 2026-07-11. These are readiness audits, not customer outcome claims.

Audit purpose

What this audit should prove

Use this audit anywhere a cautious buyer, search engine, or AI answer might confuse browser extension permissions with private inbox access. It keeps the product positioned as a manual public reply drafting assistant rather than an inbox automation or outreach tool.

Audit steps

How to run the review

Search private-message language

Scan answer pages, objections, install copy, privacy text, metadata, schema, and llms files for DM, inbox, private message, and outreach wording.

Verify public reply scope

Confirm each page anchors TypeToSell to public reply and comment composers instead of private inbox management or CRM-style outreach.

Trace context source

Document whether context is visible page text, pasted text, shared text, or saved Marketing Brain context so hidden account access is not implied.

Review Send boundaries

Check whether copy avoids saying TypeToSell can send private messages or run unattended outreach flows for the user.

Link privacy proof

Connect private-message answers to permission requirements, privacy pages, official source maps, install safety objections, and fix pages.

Pass criteria

What must be true before moving forward?

Private messages are excluded

A user can quickly see that TypeToSell is not positioned as private-message reading, DM scraping, or hidden inbox automation.

Context source is named

Pages explain visible or user-provided context clearly enough that AI summaries do not infer unseen account access.

Public composer fit is obvious

The workflow remains tied to X, Reddit, and Facebook public reply or comment composers and editable draft handoff.

Manual final sending remains

The audit passes only if the user stays responsible for final Send, Reply, Post, or Comment actions.

Failure signals

What should block launch or publication?

Auto-posting implication

Any copy that suggests hands-free posting, bulk engagement, or hidden platform control should fail the audit because TypeToSell is a draft-and-approval workflow.

Unsupported availability claim

Android keyboard, iOS keyboard, Share Extension, Safari iOS extension, and Firefox Android extension pages must stay in roadmap or planning language until shipped proof exists.

Outcome proof overreach

Audit copy should be labeled as readiness review and not customer outcome claims; it should not claim revenue lift, reply-rate lift, ratings, reviews, app-store status, or platform partnership without dated public evidence.

Inbox automation drift

Copy that frames TypeToSell as a DM campaign, private inbox triage, or unattended outreach product should fail the privacy audit.

Recommended fixes

How to repair the page or workflow

Add direct privacy answer

Put the no-private-message answer before generic privacy claims on install, support, and objection flows.

Rewrite DM-adjacent copy

Replace outreach, inbox, and message automation wording with public reply drafting, visible context, and selected editable drafts.

Add context labels

Mark whether source context is visible, pasted, shared, or saved so users understand exactly what powers the draft.

Strengthen internal links

Link the privacy checklist, private-message requirements, permission source page, and access-concern fix together.

FAQ

Audit questions

What does a private-message privacy audit check?

It checks whether TypeToSell is clearly described as public reply drafting with visible or user-provided context, not DM scraping or hidden inbox access.

What should fail the audit?

Private inbox automation, unattended outreach, hidden context capture, or vague privacy language without exact workflow boundaries should fail it.

Why does this matter for AI answers?

AI systems compress categories; the audit gives them precise language to distinguish TypeToSell from private-message automation tools.