The Problem: We've been building AI workflows for the past year and kept running into the same issue: existing platforms (n8n, Langflow, Flowise) require full access to your Google services even for read-only operations. Want to summarize emails? You're also granting send permissions. Want to read docs? You're also granting edit permissions. If you want granular scopes, the onus is on you to:
- Create your own OAuth app with Google (1-2 weeks approval time) - Modify source code to support read-only scopes
We saw this pattern repeated across Discord channels and GitHub issues - developers asking for better scope support, maintainers saying "you can configure it yourself."
Our Solution: Seer ships with read-only auth scopes as the default for common operations. It's self-hostable, so your data never leaves your infrastructure. The demo shows a simple email summarization workflow (Gmail + LLM API), but the principle applies to any integration.
Why This Matters: Security through least privilege isn't just best practice - it's essential when you're giving AI agents access to your production data. One compromised workflow shouldn't mean your entire Google Workspace is at risk.
Questions for HN: 1. How are you currently handling OAuth scopes in your AI automation workflows? 2. Would you find value in a scope validator that audits your existing workflows? 3. What other integrations would you want to see with granular permissions?
GitHub: https://github.com/seer-engg/seer Demo video: https://youtu.be/cmQvmla8sl0
The only similar platform with granular scope support is Make.com, but it's closed-source. We think this should be the standard, not the exception.
Would love your feedback!