Skip to content

LlmWikis knowledge page

Security and Privacy

An LLM Wiki should make useful knowledge available without becoming a vault for information agents should never see. Security and privacy are not afterthoughts; they decide what can enter, who can read it, how it can be exported, and what agents may do.

Do Not Store Or Export Sensitive Material

  • Secrets, credentials, API keys, private keys, recovery codes, or tokens.
  • Production access details, signing material, privileged infrastructure notes, or unredacted incident response details.
  • Raw customer data, employee data, patient data, financial data, legal data, or regulated records.
  • Sensitive legal material, privileged communications, or unapproved compliance conclusions.
  • Internal strategy that should not be exposed to broad agent or contributor access.
  • Private meeting transcripts, chat logs, or support records without review and redaction.

Use reviewed summaries, source status, and redaction notes when a sensitive source influenced public or portable guidance. A useful summary can preserve a lesson without carrying the private material that produced it.

Required Controls

Control What to define
Access control Who can read, write, review, export, and approve each sensitivity class.
Redaction How sensitive source material becomes safe summaries, and who reviews redaction.
Public/private boundary Which wiki pages can be public, internal, confidential, restricted, or never exported.
Agent permissions Which pages agents may read, cite, update, summarize, or must avoid.
Audit logs Who changed sensitive pages, when, why, and with which reviewer.
Human approval Which updates require security, privacy, legal, operations, or governance approval.

Private Memory Promotion Controls

Control Blocks public guidance when Required evidence
Source possession The private trace, file, event, or tool output cannot be found outside chat memory. Durable copy location, source hash, owner, source scope, and retention rule.
Redaction review The candidate includes secrets, credentials, private URLs, hidden reasoning, personal data, regulated data, exploit detail, or tenant/repo identifiers. Reviewer, redaction status, withheld-detail register, and public-safe paraphrase.
Authority review The copy implies LlmWikis runs a public memory runtime, MCP server, public write API, certification service, or UAIX conformance program. Explicit non-claims and canonical links to the owning source.
Release review The change alters public route meaning, discovery files, or agent behavior without a release note. Changed routes, last reviewed date, sitemap/llms.txt impact, and rollback note.

Sanitized Exports

AI Memory bundles, project handoffs, contractor packets, and public examples should be generated from reviewed, redacted wiki pages. Never export raw private source files just because they helped build the durable page.

Agent Stop Conditions

  • Stop when a task asks the agent to reveal, summarize, transform, or publish secrets or regulated data without explicit governance.
  • Stop when a draft mixes public handbook copy with private intake, archive, or handoff files.
  • Stop when a MATM event includes secrets, personal data, cross-scope leakage, hidden reasoning, poisoned instructions, or direct durable-write requests.
  • Stop when the requested export would move sensitive source material into AI Memory, Project Handoff, examples, screenshots, starter bundles, or public discovery files.
  • Stop when legal, privacy, security, or customer-data status is unclear and no human reviewer is named.