Architecture / AIGIS resources
Traditional applications can hide a value while still knowing the field exists. LLMs are different: if the model sees a masked field, it can reason about the field's existence.
Executive read
Masking hides values, but still reveals structure.
Stripping removes inaccessible fields before prompt construction.
The LLM should never receive field names the user cannot access.
Field-level security has to apply to reads, summaries, and write proposals.
Analysis
A masked prompt can still leak structure. If the model sees Contact.SSN__c as redacted, it knows that the field exists and can use that fact in reasoning or output.
That is acceptable in some reporting interfaces, but it is too much disclosure for a language model that can infer relationships across the entire prompt.
AIGIS removes inaccessible fields before the model context is assembled. The model receives Account.Name and Account.Owner, but it does not receive inaccessible fields, placeholder tokens, or hints that those fields exist.
This creates a cleaner trust boundary: the LLM can only reason about the data the user is allowed to know.
Field-level security is not only a read concern. If an AI proposes a write to a field the user cannot edit, that proposal itself is a governance failure.
AIGIS checks write permissions before proposal and again at confirmation time, so stale access cannot slip through between suggestion and execution.
Comparison
Keep reading
Architecture
A practical architecture for enterprise AI governance middleware: identity resolution, live record checks, field stripping, model routing, write approvals, and audit provenance.
Architecture
AIGIS records which systems were queried, which identities were used, which permissions were checked, and which fields were included or stripped.
Architecture
Safe AI writes require explicit approval plus a fresh permission check at confirmation time, not only when the AI drafts the proposal.