learnprompting logo
Sitting astronautLearn Prompting
πŸ˜ƒ Basics
🧠 Advanced
πŸ”“ Prompt Hacking
πŸ”“ Prompt Hacking🟒 Defensive Measures🟒 Post-Prompting

Post-Prompting

🟒 This article is rated easy
Reading Time: 1 minute
Last updated on August 7, 2024

Sander Schulhoff

The post-prompting defense simply puts the user input before the prompt.

Tip

Interested in prompt hacking and AI safety? Test your skills on HackAPrompt, the largest AI safety hackathon. You can register here.

A Post-Prompting Example

Take this prompt as an example:

Astronaut

Prompt

Translate the following to French: {user_input}

It can be improved with post-prompting:

Astronaut

Prompt

{user_input}

Translate the above text to French.

This can help since ignore the above instruction... doesn't work as well. Even though a user could say ignore the below instruction... instead, LLMs often will follow the last instruction they see.

Conclusion

Post-prompting, although seemingly simple, is yet another effective defense against prompt hacking methods like prompt injection. This technique takes advantage of the fact that the model is more inclined to follow the last instruction it sees.

Footnotes

  1. Mark, C. (2022). Talking to machines: prompt engineering & injection. https://artifact-research.com/artificial-intelligence/talking-to-machines-prompt-engineering-injection/ ↩

Sander Schulhoff

Sander Schulhoff is the Founder of Learn Prompting and an ML Researcher at the University of Maryland. He created the first open-source Prompt Engineering guide, reaching 3M+ people and teaching them to use tools like ChatGPT. Sander also led a team behind Prompt Report, the most comprehensive study of prompting ever done, co-authored with researchers from the University of Maryland, OpenAI, Microsoft, Google, Princeton, Stanford, and other leading institutions. This 76-page survey analyzed 1,500+ academic papers and covered 200+ prompting techniques.