You're deployed at a customer building an internal agent over employee records. Different roles must see different fields: managers can see compensation, peers cannot. Today the agent can surface anything in a record. Build field-level access control: given the requester's role and a record, return only the fields that role may see, and make sure the agent's context is built from that filtered view (not the full record). State your assumptions. AI tools are allowed. Then explain the data-exposure controls to the client's compliance officer.
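One way to implement the filter described above, as an added example that is not part of the original exercise: a deny-by-default allow-list per role, with the agent's context built only from the filtered view. The role names, field names and sample record are assumptions constructed for illustration, records are assumed to be flat dictionaries, and the role is assumed to come from the authenticated session rather than from anything the user types.

```python
import json
from types import MappingProxyType

# Assumed policy (constructed): role -> fields that role may see.
# Allow-list: a field added to the record later stays hidden until granted.
ROLE_FIELDS = MappingProxyType({
    "manager": frozenset({"employee_id", "name", "title", "department", "compensation"}),
    "peer": frozenset({"employee_id", "name", "title", "department"}),
})

class UnknownRole(Exception):
    """Raised when the requester's role has no policy entry."""

def filter_record(role, record):
    """Return a new dict holding only the fields `role` may see."""
    try:
        allowed = ROLE_FIELDS[role]
    except KeyError:
        # Fail closed: an unmapped role gets nothing, not a default view.
        raise UnknownRole(role) from None
    return {k: v for k, v in record.items() if k in allowed}

def build_context(role, record):
    """Render the agent's context from the filtered view, never the full record."""
    view = filter_record(role, record)
    return json.dumps(view, sort_keys=True)

def audit_event(role, record):
    """Field names (not values) released and withheld, for the compliance log."""
    view = filter_record(role, record)
    return {
        "role": role,
        "released": sorted(view),
        "withheld": sorted(set(record) - set(view)),
    }

# Constructed sample record; national_id is in no role's allow-list.
SAMPLE_RECORD = {
    "employee_id": "E-1001",
    "name": "Sample Employee",
    "title": "Engineer",
    "department": "Platform",
    "compensation": 98000,
    "national_id": "CONSTRUCTED-0000",
}

if __name__ == "__main__":
    for role in ("manager", "peer"):
        print(role, build_context(role, SAMPLE_RECORD), audit_event(role, SAMPLE_RECORD))
```

The audit event records field names only, so the log itself does not become a second copy of the withheld data.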