Agree with you from the theoretical POV but, in practice, that means that any CRM that has been used to store an email is untrusted data. Basically, a business's most trusted data source is untrusted in the LLM context. Which feels like a bridge that is going to need to be crosssed as the alternative is to just use new data (with a clearly traced and entirely internal lineage).