What category does Context Isolation belong to?

Context Isolation belongs to the "AI" category in personal knowledge management and productivity.

What are the key topics related to Context Isolation?

Key topics related to Context Isolation include: ai, context-engineering, security, architecture.

Context Isolation

Keeping contexts separated to prevent cross-contamination between different tasks or agents.

Category: AI

Tags: ai, context-engineering, security, architecture

Explanation

Context Isolation is the practice of separating different types or trust levels of context so that problems in one domain do not contaminate another. It is the security boundary within context engineering.

## Isolation boundaries

### Trust-based isolation

Separate context by trustworthiness:
- **Trusted**: human-authored instructions, reviewed rules, curated knowledge (CLAUDE.md, skills, identity notes)
- **Semi-trusted**: AI-generated memories, previous conversation context, internally retrieved documents
- **Untrusted**: external tool outputs, web search results, RAG-retrieved content from unverified sources, user-uploaded documents

The model should treat these differently, but it cannot unless the context explicitly marks trust boundaries. This is the core challenge of preventing context poisoning.

### Scope-based isolation

Separate context by scope to prevent cross-contamination:
- Project A's context should not leak into Project B's agent
- Personal context (health, finances) should not appear in work-related agent outputs
- Customer data should not flow between different customer contexts

### Temporal isolation

Separate current context from historical context:
- Current task instructions should not be diluted by old conversation context
- Fresh tool results should take precedence over cached or stale results

## Why isolation matters

Without isolation:
- A poisoned RAG result can override trusted instructions
- Agent memories from one project bleed into another
- Context entropy in one layer degrades the entire system
- Security and compliance boundaries become impossible to enforce

## Implementation patterns

- **Separate context windows**: use different conversations or agents for different trust levels
- **Context tagging**: mark each piece of context with its source and trust level (using context provenance)
- **Agent specialization**: dedicated agents with focused context rather than one agent with everything
- **Context layering**: architectural separation into enterprise, team, personal, and task layers

Related Concepts

← Back to all concepts