Fail-closed design is doing more security work here than the entire LLM layer. Most systems quietly degrade to “best effort answers” when auth fails, which is exactly how leaks slip through. Treating truncation/unreachable auth as hard deny is the part teams usually avoid until production incident