OASB
v1.0
Controls/Memory & Context Integrity/8.4
L3 HardenedForward-looking

8.4 Summarization Security

8. Memory & Context IntegrityHow do we protect agent memory?

Description

Conversation summarization MUST preserve security-relevant information.

Rationale

If summarization loses security context, agents may make incorrect decisions.

Audit Procedure

1. Review summarization implementation
2. Check if security info is preserved
3. Test for instruction loss

Remediation

1. Tag security-relevant messages
2. Never summarize system instructions
3. Validate summaries

Framework Mappings

CIS Control 3NIST PR.DS-6OWASP LLM01:2023
Previous8.3 Memory IsolationNext9.1 Non-Root Execution