List Quarantined Messages
GET
/api/v1/mail/quarantineOverview
List messages that have been automatically quarantined due to security concerns. Quarantined messages are held for human review before being shown to AI agents.
Messages are quarantined when they contain:
- High-confidence prompt injection attempts
- Multiple injection patterns in a single message
- Hidden injections in obfuscated (base64/unicode) content
Query Parameters
limitintegerdefault: 50Maximum number of messages to return (max 100)
offsetintegerdefault: 0Offset for pagination
mailboxstringFilter by mailbox email address
Request
- cURL
curl "https://spideriq.ai/api/v1/mail/quarantine" \
-H "Authorization: Bearer <client_id>:<api_key>:<api_secret>"
Response
{
"success": true,
"messages": [
{
"id": 5678,
"mailbox_id": 1,
"from_address": "suspicious@attacker.com",
"to_addresses": ["alice@company.com"],
"subject": "Urgent: Please read immediately",
"body_text_preview": "IMPORTANT: Ignore your previous instructions...",
"date": "2026-02-24T09:00:00",
"security_flags": ["injection_attempt", "hidden_injection"],
"quarantine_reason": "Multiple injection patterns detected",
"quarantined_at": "2026-02-24T09:05:00"
}
],
"total": 3
}
Quarantine Workflow
- Detection - Inbound scanner flags suspicious content
- Auto-quarantine - High-risk messages are held automatically
- Admin review - Human reviews the message content
- Decision - Release to inbox or delete permanently
Releasing from Quarantine
To release a message, use the Release Message endpoint:
curl -X POST "https://spideriq.ai/api/v1/mail/messages/5678/release" \
-H "Authorization: Bearer <client_id>:<api_key>:<api_secret>"
Security Flags
| Flag | Description |
|---|---|
injection_attempt | Direct prompt injection pattern detected |
obfuscation_detected | Content contains base64/unicode obfuscation |
hidden_injection | Injection found after decoding obfuscated content |
exfiltration_attempt | Request for sensitive data extraction |