Inspiration
Everyone has a list of tasks they've been putting off for months. Renewing broadband. Disputing a phone bill. Comparing insurance plans. Not because they're hard, but because they're tedious. Thirty browser tabs, three hold queues, and two hours later, you've done nothing.
AI can do all of this. But here's the thing nobody says out loud: you don't actually trust it. Not because it isn't smart enough, but because there's no moment where it shows you what it's about to do and waits for your say-so. That missing piece of trust infrastructure is what inspired Proxy Me.
What it does
Proxy Me lets you delegate real-world life-admin tasks in plain English. You type something like "My Airtel broadband expires next month, find something cheaper and ask before switching", and the agent gets to work.
It researches autonomously, reads your emails, searches the web, and compares options. Then, before it does anything irreversible, it stops completely. A full-screen StepUpCard appears, showing exactly:
- WHAT it's about to do
- WHY it chose this option
- IMPACT (quantified — e.g. "Saves ₹8,400/yr")
- ALTERNATIVES CONSIDERED and why they were rejected
You read it, tap Approve or Reject. The agent never acts without your explicit sign-off. Every step is logged to a timestamped audit trail.
How we built it
- Next.js 16 App Router with TypeScript strict mode
- Vercel AI SDK with multi-step tool calling
- Groq (Kimi K2 Instruct) as the LLM — free tier with reliable tool use
- Auth0 for authentication and session management
- Supabase for all persistence — tasks, agent steps, pending approvals, and AES-256-GCM encrypted OAuth token storage built as a direct drop-in for Auth0 Token Vault
- Custom Google OAuth2 flow for Gmail access
The StepUpCard is the centrepiece. The agent cannot skip it: calling any write tool without first calling requestApproval is architecturally impossible. The approval pattern uses Supabase as a halt signal: when requestApproval fires, it saves the full agent message history and stops execution. On user approval, the executor reloads from the saved state and resumes without losing any context.
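One way to enforce this gate in the executor rather than in the prompt, as an added example that is not Proxy Me's own code. It assumes an in-memory map in place of the Supabase table; every name except requestApproval (decide, executeWrite, the record fields) is hypothetical.

```typescript
// Added illustration; every name except requestApproval is hypothetical.
type Card = { what: string; why: string; impact: string; alternatives: string };
type Message = { role: string; content: string };
type Pending = {
  id: string; action: string; card: Card; history: Message[];
  status: "pending" | "approved" | "rejected" | "consumed";
};

// In-memory stand-in for the persistence table (the page uses Supabase).
const approvals = new Map<string, Pending>();
let nextId = 0;

// Halts the run: persists the card and the full message history, executes nothing.
function requestApproval(action: string, card: Card, history: Message[]): string {
  for (const key of ["what", "why", "impact", "alternatives"] as const) {
    if (!card[key] || card[key].trim() === "") throw new Error(`missing section: ${key}`);
  }
  const id = `appr-${++nextId}`;
  approvals.set(id, { id, action, card, history: [...history], status: "pending" });
  return id;
}

// Called from the user's Approve/Reject tap, never exposed to the agent as a tool.
function decide(id: string, approve: boolean): void {
  const p = approvals.get(id);
  if (!p || p.status !== "pending") throw new Error("no pending approval");
  p.status = approve ? "approved" : "rejected";
}

// The only path to a write: needs an approved, unused record for this exact action.
function executeWrite(id: string, action: string, run: () => string) {
  const p = approvals.get(id);
  if (!p) throw new Error("write blocked: approval was never requested");
  if (p.status !== "approved") throw new Error(`write blocked: approval is ${p.status}`);
  if (p.action !== action) throw new Error("write blocked: approved action differs");
  p.status = "consumed"; // single use, so a replay needs a fresh approval
  return { result: run(), resumedHistory: p.history };
}
```

Because the approval is bound to one action and consumed on use, an approved card cannot be replayed or redirected to a different write.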
Challenges we ran into
Tool calling reliability was brutal. Groq's models throw failed_generation with too many tools or complex Zod schemas. Solved by reducing to 5 essential tools with ≤10-word descriptions and replacing strict record types with z.any() for metadata fields.
Auth0 Token Vault requires a paid plan — the token-exchange grant type isn't available on the free tier. Built an equivalent encrypted storage layer in Supabase with identical wrapper interfaces (withGmailConnection, withGmailWriteConnection) so upgrading to the real Token Vault in production is a single file change.
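One way to seal an OAuth token with AES-256-GCM before it is written to a database row, as an added example that is not Proxy Me's own code. The function names, the stored layout, and the choice to bind the user ID as associated data are assumptions of this example; key loading and rotation are left outside it.

```typescript
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto";

// Added illustration; sealToken/openToken and the storage layout are hypothetical.
// Stored value (base64): nonce(12 bytes) || auth tag(16 bytes) || ciphertext.
// userId is bound as associated data, so a row copied to another user will not open.
function sealToken(key: Buffer, userId: string, token: string): string {
  if (key.length !== 32) throw new Error("AES-256 needs a 32-byte key");
  const nonce = randomBytes(12); // fresh per record; never reuse a nonce under one key
  const cipher = createCipheriv("aes-256-gcm", key, nonce);
  cipher.setAAD(Buffer.from(userId, "utf8"));
  const ct = Buffer.concat([cipher.update(token, "utf8"), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), ct]).toString("base64");
}

function openToken(key: Buffer, userId: string, sealed: string): string {
  const raw = Buffer.from(sealed, "base64");
  if (raw.length < 28) throw new Error("sealed token too short");
  const decipher = createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(userId, "utf8"));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the key, the userId, or any stored byte does not match.
  const pt = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
  return pt.toString("utf8");
}
```

The authentication tag makes tampering with a stored row detectable at read time, not just unreadable; the encryption key itself belongs in a server-side secret, never in the same table as the ciphertext.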
Session cookies in production — Auth0 was falling back to localhost as the base URL on Vercel because of an env variable naming mismatch, causing getSession() to always return null in production. Took a while to trace.
Accomplishments that we're proud of
The StepUpCard UX. We built it to feel like signing a legal document, not clicking OK: a full-screen dialogue overlay, blur backdrop, four mandatory structured sections, and a 200ms animate-in. When people see it for the first time, they say, "Oh, so it actually asks me before doing anything." That reaction is exactly what we were going for.
The audit trail is also something we're proud of. Every single agent action, every search, every comparison, every decision is logged with a timestamp. Nothing is invisible.
What we learned
Step-up authentication isn't friction; it's the product. The moment of control the StepUpCard creates is what transforms "AI acting on my behalf" from anxiety-inducing to genuinely useful. Trust infrastructure is what makes agentic AI usable by normal people, not just developers.
We also learned that agentic reliability is a UX problem as much as a technical one. The agent needs to communicate what it's doing in real time. The live AgentFeed, showing each step as it happens, made the whole experience feel transparent rather than like a black box.
What's next for ProxyMe
- Real Auth0 Token Vault — the architecture is already built for it, one file swap away
- More connectors — phone bills, insurance, bank statements
- Mobile app — these tasks happen on the go
- Scheduled delegates — "check every month if my plan is still the best value"
- Multi-step tasks — chains of dependent actions with approval gates at each stage
Bonus Blog Post
Building Trust Into an AI Agent: The StepUpCard Pattern
When I started building Proxy Me, I assumed the hard part would be the AI. Making research plans, reading emails, comparing options autonomously. That part took a day.
The hard part was trust.
I kept asking myself: would I actually let this thing act on my accounts? The honest answer was no. Not because it was doing the wrong thing, but because there was no moment of control. No checkpoint. No "here is exactly what I am about to do, do you want this?"
That is what the StepUpCard solves. It is not a confirmation dialogue. It is a document-signing moment. Four mandatory sections the agent must fill before approval can appear: WHAT, WHY, IMPACT, ALTERNATIVES CONSIDERED. The agent cannot skip any of them. They are enforced at the tool schema level. Calling any write action without requesting approval first is architecturally impossible, not just prompted away.
Auth0 Token Vault points at exactly this problem from the infrastructure side. Storing OAuth tokens securely so an agent can act on your behalf without ever seeing raw credentials. That is the infrastructure layer of trust. The StepUpCard is the UX layer.
On the free Auth0 plan, Token Vault requires a paid tier, so I built an equivalent in Supabase using AES-256-GCM encryption with identical wrapper interfaces. The production upgrade path is one file change.
What surprised me most was the reaction when people saw the StepUpCard for the first time. I expected frustration at the pause. Instead, they said, "Oh, so it actually asks me before doing anything." That is the whole product in one sentence. The approval moment is not friction. It is the feature.
Built With
- aes-256-gcm-encryption
- auth0
- google-oauth2
- groq-(kimi-k2-instruct)
- next.js
- supabase
- tailwind-css
- typescript
- vercel
- vercel-ai-sdk
