Level: L1 Essential. Verification: Automated.

5.2 Context Window Isolation

5. Credential Protection: How do we protect secrets?

Description

Credentials MUST NOT appear in LLM context windows, prompts, or conversation history.

Rationale

LLM context windows are logged and potentially exposed, so any credential that enters the context must be treated as at risk of disclosure.

Audit Procedure

1. Review all prompts for credential references
2. Check if tools receive credentials as parameters
3. Test: Ask agent 'What API keys do you have?'

Remediation

1. Use secretless architecture
2. Inject credentials at execution layer
3. Implement credential redaction in logging
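The following is an added example, not part of this benchmark or any product it assesses, showing the three remediation steps and the audit checks together: tools are registered with a secret handle rather than a value, the execution layer resolves the handle only after the model has emitted a tool call, and everything written back into the context is passed through a redaction filter. The vault contents, credential regexes, tool and function names are all constructed for illustration.

```python
"""Added example (not part of the original control text): an execution layer that
keeps credentials out of the model's context, plus redaction and audit checks.
All vault values, patterns, tool names and responses are constructed."""
import json
import re

# Constructed vault; a real deployment would read from a secrets manager.
VAULT = {"weather_api_key": "sk-constructed-EXAMPLE-0123456789abcdef"}

# Constructed credential patterns shared by the audit scan and log redaction.
SECRET_PATTERNS = [
    re.compile(r"\bsk-[A-Za-z0-9_-]{16,}\b"),
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    re.compile(r"(?i)\b(?:api[_-]?key|token|password)\s*[:=]\s*\S+"),
]


def find_credentials(text):
    """Audit steps 1-2: return every substring that looks like a credential."""
    hits = []
    for pattern in SECRET_PATTERNS:
        hits.extend(m.group(0) for m in pattern.finditer(text))
    return hits


def redact(text):
    """Remediation step 3: mask credential-looking strings before logging."""
    for pattern in SECRET_PATTERNS:
        text = pattern.sub("[REDACTED]", text)
    return text


def weather_lookup(city, api_key):
    """Constructed stand-in for an HTTP client that needs the key; it never
    echoes the key back, only whether it was present."""
    return {"city": city, "temp_c": 7, "authenticated": api_key.startswith("sk-")}


class ExecutionLayer:
    """Remediation steps 1-2: tools are registered with a secret *handle*, not a
    value. The model only sees handle names; the value is resolved here, after
    the model has emitted the tool call, and only redacted data re-enters the
    context."""

    def __init__(self, vault):
        self._vault = vault
        self._tools = {}
        self.context = []  # the transcript the model sees and that gets logged

    def register(self, name, func, secret_handle):
        self._tools[name] = (func, secret_handle)

    def tool_schema(self):
        """What the model is told about the tools: handle names only."""
        return {n: {"secret_handle": h} for n, (_, h) in self._tools.items()}

    def call_tool(self, name, args):
        func, handle = self._tools[name]
        secret = self._vault[handle]          # resolved outside the model
        result = func(**args, api_key=secret)
        # Only redacted call and result records are appended to the context.
        self.context.append(redact(json.dumps({"call": name, "args": args})))
        self.context.append(redact(json.dumps({"result": result})))
        return result

    def context_is_clean(self):
        """Automated check: no vault value and no credential-shaped string may
        appear anywhere in the transcript."""
        transcript = "\n".join(self.context)
        if any(v in transcript for v in self._vault.values()):
            return False
        return not find_credentials(transcript)


def demo():
    """Run one simulated agent turn and return the execution layer for inspection."""
    layer = ExecutionLayer(VAULT)
    layer.register("get_weather", weather_lookup, "weather_api_key")
    # Simulated model turn: the model chooses a tool and its arguments, nothing more.
    layer.context.append("system: tools=" + json.dumps(layer.tool_schema()))
    layer.call_tool("get_weather", {"city": "Oslo"})
    return layer


if __name__ == "__main__":
    layer = demo()
    for line in layer.context:
        print(line)
    print("context clean:", layer.context_is_clean())
```

The same `find_credentials` scan can be run over stored prompts and tool definitions for audit step 1, and `context_is_clean` is the automated form of audit step 3: whatever the agent answers when asked about its keys, a clean transcript contains nothing it could reveal.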

Framework Mappings

- CIS Control 3.10
- NIST PR.DS-5
- OWASP LLM06:2023