AS-301e · Module 1

Data Classification for AI Context

3 min read

Not all data carries the same exfiltration risk. A public FAQ document in the context window has zero exfiltration impact. A customer's financial records in the context window create catastrophic exposure. Data classification for AI context is the practice of labeling every data source that feeds into the model by its sensitivity level — and using that classification to control what enters the context window, what guardrails apply to outputs, and what logging depth is required.

Do This

Classify every data source that feeds into the AI context — public, internal, confidential, restricted
Apply context window restrictions by classification — restricted data requires redaction or exclusion before context injection
Match output guardrail depth to the highest classification level in the current context — confidential context gets confidential-grade output scanning

Avoid This

Treat all context data the same — a model with public data in context needs different guardrails than one with PII
Allow restricted data into the context window without redaction — the model will surface what it is given
Apply the same lightweight guardrails regardless of data sensitivity — guardrail depth must match data classification