The structural leakage issue
A placeholder can still tell a model that a field exists and that it may be relevant to the question.
That is why field stripping is the safer pattern for permission-sensitive enterprise prompts.
Security / AIGIS resources
Field stripping and masking solve different AI governance problems.
Masking hides a value. Field stripping removes the inaccessible field from context before the model can reason about it.
Executive read
The short version, before the deep dive.
Masking can still reveal field existence.
Stripping changes the information boundary before model exposure.
The audit trail should name which fields were removed.
Salesforce field-level permissions are a natural first proof point.
Analysis
What matters
The evidence issue
Security teams should ask for a record of fields withheld from context, not just a claim that sensitive values were hidden.
AIGIS treats stripped fields as audit-relevant evidence.
Resource packet
Turn this into a review worksheet.
Evidence packet
Permission-Provenance Evidence Packet
Capture user context, system of record, enforcement tier, stripped fields, model route, response, hash marker, and fallback notes.
Salesforce is the production proof path. ServiceNow and SAP are design-partner co-development paths with asymmetric enforcement that must be disclosed in diligence.
Keep reading
Related resources.
Checklist
LLM Field-Level Security Checklist
A security checklist for evaluating whether fields are removed before LLM context is assembled.
Architecture
Field-Level Security for LLMs
Why LLM field-level security should remove inaccessible fields before prompt construction instead of sending masked placeholders to the model.
Architecture
LLM Field-Level Security
A practical guide to LLM field-level security: why prompt masking leaks structure, why field stripping works better, and how AIGIS enforces access before model context.