# Part IV — Security
Two Gems, two critical questions: who can do what (GEM-007) and how is sensitive data protected (GEM-022).
## What You'll Learn
| Gem | Pattern | Key Question |
|---|---|---|
| GEM-007 | Role-Based Feature Gating | How do you show admin features to admins and hide them from everyone else? |
| GEM-022 | Secure Data Handling in Conversations | What happens when users type passwords and SSNs into the chat? |
## Prerequisites
- GEM-001 (Part I) — role caching across sessions
- GEM-002 (Part II) — persona detection mechanisms (reused for role detection)
## The Core Challenge
LLM-based agents are probabilistic — the model usually follows instructions, but instruction-based security is not a guarantee. This Part shows how to combine LLM instructions with hard-coded gates for defense-in-depth. GEM-022 is essential reading for any agent handling regulated data (GDPR, HIPAA, PCI-DSS).
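The two layers described above, as an added illustration that is not code from GEM-007 or GEM-022 themselves: the role decides which tools are even listed in the prompt (the instruction layer), the dispatcher re-checks the role in code before running anything the model asks for (the hard-coded gate), and a redaction pass scrubs SSNs, password disclosures and Luhn-valid card numbers from a turn before it is stored. The role table, tool stubs, `Session` class and sample strings are all constructed for this example; the role itself is assumed to come from the application's authenticated session, never from the chat text.

```python
"""Defense-in-depth for an LLM agent (constructed example).

Layer 1: the prompt only lists tools the role may use.
Layer 2: the dispatcher refuses any tool call the role may not use,
         whatever the prompt said or the model decided.
GEM-022 side: secrets pasted into the chat are redacted before storage.
"""
import re
from dataclasses import dataclass

# Hypothetical permission table: role -> tools it may invoke.
ROLE_PERMISSIONS = {
    "viewer": {"search_docs"},
    "editor": {"search_docs", "update_doc"},
    "admin": {"search_docs", "update_doc", "delete_user"},
}

# Hypothetical tool implementations (stand-ins for real handlers).
TOOL_IMPL = {
    "search_docs": lambda query: f"results for {query!r}",
    "update_doc": lambda doc_id, body: f"updated {doc_id}",
    "delete_user": lambda user_id: f"deleted {user_id}",
}


@dataclass(frozen=True)
class Session:
    user_id: str
    role: str  # assumed to come from the authenticated session, not from chat text


def visible_tools(session: Session) -> list:
    """Layer 1: only tools the role may use go into the prompt, so a
    well-behaved model never sees admin features at all."""
    return sorted(ROLE_PERMISSIONS.get(session.role, set()))


def dispatch(session: Session, tool_call: dict) -> dict:
    """Layer 2: a tool call the model emits anyway (prompt injection, a
    hallucinated tool, stale context) is refused here, in code."""
    name = tool_call.get("name")
    allowed = ROLE_PERMISSIONS.get(session.role, set())
    if name not in allowed:
        return {"ok": False, "error": f"'{name}' is not permitted for role '{session.role}'"}
    return {"ok": True, "result": TOOL_IMPL[name](**tool_call.get("args", {}))}


# --- GEM-022 side: scrub secrets users paste into the chat before storage ---

_SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
_PASSWORD = re.compile(r"(?i)\b(password|passwd|pwd)\s*(?:is|:|=)\s*(\S+)")
# 13 to 19 digits, optionally separated by spaces or hyphens, starting and ending on a digit.
_CARD = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")


def _luhn_ok(digits: str) -> bool:
    """Luhn checksum, so long but ordinary numbers (order ids) are not over-redacted."""
    total, parity = 0, len(digits) % 2
    for i, ch in enumerate(digits):
        d = int(ch)
        if i % 2 == parity:  # every second digit counted from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact(text: str) -> str:
    """Replace SSNs, password disclosures and Luhn-valid card numbers with tags."""
    text = _SSN.sub("[SSN REDACTED]", text)
    text = _PASSWORD.sub(lambda m: f"{m.group(1)} [PASSWORD REDACTED]", text)

    def _card(m):
        digits = re.sub(r"\D", "", m.group(0))
        return "[CARD REDACTED]" if _luhn_ok(digits) else m.group(0)

    return _CARD.sub(_card, text)


if __name__ == "__main__":
    viewer = Session("u1", "viewer")
    print(visible_tools(viewer))
    print(dispatch(viewer, {"name": "delete_user", "args": {"user_id": "u9"}}))
    print(redact("my password is hunter2 and my SSN is 123-45-6789"))
```

The point of the second layer is that `dispatch` never consults the prompt: even if an attacker persuades the model to emit `delete_user` for a viewer, the permission table says no. Run the redaction before persisting or logging a turn, not after, so the secret never reaches storage in the first place.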