Context Isolation - DeveloPassion

# Context Isolation Context isolation is the practice of separating different types or trust levels of context so that problems in one domain don't contaminate another. It's the security boundary within [[Context Engineering]]. ## Isolation boundaries ### Trust-based isolation Separate context by trustworthiness: - **Trusted**: human-authored instructions, reviewed rules, curated knowledge (CLAUDE.md, skills, identity notes) - **Semi-trusted**: AI-generated memories, previous conversation context, internally retrieved documents - **Untrusted**: external tool outputs, web search results, RAG-retrieved content from unverified sources, user-uploaded documents The model should treat these differently, but it can't unless the context explicitly marks trust boundaries. This is the core challenge of preventing [[Context Poisoning]]. ### Scope-based isolation Separate context by scope to prevent cross-contamination: - Project A's context shouldn't leak into Project B's agent - Personal context (health, finances) shouldn't appear in work-related agent outputs - Customer data shouldn't flow between different customer contexts ### Temporal isolation Separate current context from historical context: - Current task instructions shouldn't be diluted by old conversation context - Fresh tool results should take precedence over cached/stale results ## Why isolation matters Without isolation: - A poisoned RAG result can override trusted instructions - Agent memories from one project bleed into another - [[Context Entropy]] in one layer degrades the entire system - Security and compliance boundaries become impossible to enforce ## Implementation patterns - **Separate context windows**: use different conversations or agents for different trust levels - **Context tagging**: mark each piece of context with its source and trust level (cfr [[Context Provenance]]) - **Agent specialization**: dedicated agents with focused context rather than one agent with everything (cfr [[Receptionist AI Design Pattern]]) - **[[Context Layering]]**: architectural separation into enterprise/team/personal/task layers ## References - ## Related - [[Context Layering]] - [[Context Inheritance]] - [[Context Poisoning]] - [[Context Engineering]] - [[AI Context Governance]] - [[Context Provenance]] - [[Context Entropy]] - [[Receptionist AI Design Pattern]] - [[Separation of Concerns]] - [[Harness Engineering]] - [[Personal Context Management (PCM)]] - [[Enterprise Context Management (ECM)]]