An LLM Wiki should make useful knowledge available without becoming a vault for information agents should never see. Security and privacy are not afterthoughts; they decide what can enter, who can read it, how it can be exported, and what agents may do.
Do Not Store Without Explicit Governance
- Secrets, credentials, API keys, private keys, recovery codes, or tokens.
- Raw customer data, employee data, patient data, financial data, or regulated records.
- Sensitive legal material, privileged communications, or unapproved compliance conclusions.
- Internal strategy that should not be exposed to broad agent or contributor access.
- Private meeting transcripts, chat logs, or support records without review and redaction.
Required Controls
| Control | What to define |
|---|---|
| Access control | Who can read, write, review, export, and approve each sensitivity class. |
| Redaction | How sensitive source material becomes safe summaries, and who reviews redaction. |
| Public/private boundary | Which wiki pages can be public, internal, confidential, restricted, or never exported. |
| Agent permissions | Which pages agents may read, cite, update, summarize, or must avoid. |
| Audit logs | Who changed sensitive pages, when, why, and with which reviewer. |
| Human approval | Which updates require security, privacy, legal, operations, or governance approval. |
Sanitized Exports
AI Memory bundles, project handoffs, contractor packets, and public examples should be generated from reviewed, redacted wiki pages. Never export raw private source files just because they helped build the durable page.