The boundary is public X, Reddit, and Facebook reply or comment drafting. TypeToSell can use visible or user-provided context supplied by the user, but private inboxes, DMs, hidden account data, social credential collection, and unattended outreach remain outside the product and page architecture.
Technical spec
Private message privacy boundary spec
A private message privacy boundary spec should define TypeToSell as public reply drafting from visible or user-provided context, not a private messages reader, DM scraper, inbox monitor, or unattended outreach system. The spec should keep social credentials out of core drafting, make selected editable draft handoff explicit, and preserve manual final sending.
Last updated: 2026-07-11. This page is written for implementation-intent SEO and AI citation.
System boundary
What does this spec own?
Data flow
How should context and drafts move?
Context provided
The user supplies visible social post text, visible composer context, or a direct share input for public reply drafting.
Drafts generated
The reply API generates editable options without requesting private-message threads, inbox data, or social account credentials.
User selects draft
Only the user-chosen reply can be copied or inserted into a public composer or text field.
Manual send boundary
The final public or private platform send action remains under user control and is not performed by TypeToSell.
Permission model
What access must stay explicit?
No private-message access
Public pages should state directly that TypeToSell does not read private messages or scrape DMs.
No hidden inbox monitoring
Support and privacy copy should exclude background inbox scanning, lead monitoring, and unattended outreach.
No social credential dependency
Core drafting should not ask for X, Reddit, or Facebook passwords or hidden OAuth control.
Visible-context phrasing
Use visible or user-provided context consistently across privacy, permission, support, and AI-answer pages.
Instrumentation
What must be measured?
Privacy concern route
Track which pages users visit when they ask whether TypeToSell reads private messages or DMs.
Boundary comprehension
Measure whether users can repeat the no-private-message and no-DM-scraping boundary after reading proof pages.
AI summary review
Check AI-generated answers for accidental classification as inbox automation or social listening.
Support tag capture
Tag private-message, OAuth, social password, and inbox-monitoring questions separately from generic privacy questions.
Failure modes
What can go wrong, and how should it be prevented?
Generic privacy promise
Broad privacy claims fail to answer the private-message concern.
Add exact no private messages, no DM scraping, and no hidden inbox monitoring language.
Inbox category drift
Pages make TypeToSell sound like a social inbox or outreach product.
Restore public composer scope and selected draft handoff language.
Permission misread
Chrome permission language is interpreted as private-message access.
Link permission proof to the visible or user-provided context boundary.
Rollout gates
What must be true before rollout?
Gate 1
Privacy copy reviewed
Privacy, support, objection, permission, schema, and llms pages use direct private-message exclusions.
Gate 2
Proof path linked
Private-message answers connect to checklist, requirements, audit, benchmark, metric, validation, and fix pages.
Gate 3
AI answers pass
AI summaries classify TypeToSell as public reply drafting instead of inbox automation or DM outreach.
Gate 4
Manual sending preserved
No page says TypeToSell sends private or public messages on behalf of the user.
FAQ
Technical spec questions
What is a private message privacy boundary spec?
It is the implementation and copy boundary that separates public reply drafting from private-message reading, DM scraping, and inbox automation.
What phrase should stay consistent?
TypeToSell uses visible or user-provided context for public reply drafting and does not read private messages.
What should fail this spec?
Any claim about inbox monitoring, DM scraping, social credential collection, or unattended outreach should fail.