πŸ”“ Prompt Hacking🟒 Defensive Measures🟒 Sandwich Defense

Sandwich Defense

🟒 This article is rated easy
Reading Time: 1 minute
Last updated on August 7, 2024

Sander Schulhoff

The sandwich defense involves sandwiching user input between two prompts. Take the following prompt as an example:

Translate the following to French: {{user_input}}

It can be improved with the sandwich defense:

Translate the following to French:

{{user_input}}

Remember, you are translating the above text to French.

This defense should be more secure than post-prompting, but is known to be vulnerable to a defined dictionary attack. See the defined dictionary attack for more information.

Footnotes

  1. We currently credit the discovery of this technique to Altryne ↩

Sander Schulhoff

Sander Schulhoff is the Founder of Learn Prompting and an ML Researcher at the University of Maryland. He created the first open-source Prompt Engineering guide, reaching 3M+ people and teaching them to use tools like ChatGPT. Sander also led a team behind Prompt Report, the most comprehensive study of prompting ever done, co-authored with researchers from the University of Maryland, OpenAI, Microsoft, Google, Princeton, Stanford, and other leading institutions. This 76-page survey analyzed 1,500+ academic papers and covered 200+ prompting techniques.