Learn Prompting

Prompt Engineering Guide

😃 Basics

🟢 Basics Guide Overview

🟢 What is Generative AI?

🟢 ChatGPT Basics

🟢 Testing Prompts with Interactive Learn Prompting Embeds

🟢 Introduction to Prompt Engineering

🟢 Basic Prompt Structure and Key Parts

🟢 Technique #1: Instructions in Prompts

🟢 Technique #2: Roles in Prompts

🟢 Technique #3: Examples in Prompts: From Zero-Shot to Few-Shot

🟢 Combining Prompting Techniques

🟢 Tips for Writing Better Prompts

🟢 Prompt Priming: Setting Context for AI

🟢 Differences Between Chatbots and LLMs

🟢 LLM Limitations: When Models and Chatbots Make Mistakes

🟢 What Can Generative AI Create Beyond Text?

🟢 How to Solve Problems Using Generative AI: A Simple Method

🟢 Next Steps: Where to Go From Here

💼 Applications

🟢 Introduction

🟢 Text Summarization

🟢 Table Generation

🟢 Multiple Choice Questions

🟢 Short-Form Content

🟢 Writing in Different Styles

🟢 Finding Emojis

🟢 Writing Emails

🟢 Blog Writing

🟢 Legal Documents

🟢 Study Buddy

🟦 Digital Marketing

🟦 Coding Assistance

🟦 Knowledge Base Chatbot

🟦 How to Build a Chatbot Using LLMs

🟦 Zapier for Emails

🧙‍♂️ Intermediate

🟢 Introduction

🟢 Chain-of-Thought Prompting

🟢 Zero-Shot Chain-of-Thought

🟦 Self-Consistency

🟦 Generated Knowledge

🟦 Least-to-Most Prompting

🟦 Dealing With Long Form Content

🟦 Revisiting Roles

🟦 More About Prompt Elements

🟦 Basic LLM Settings

🟦 OpenAI Playground

🧠 Advanced

🟢 Introduction

Zero-Shot

🟢 Introduction

🟢 Emotion Prompting

🟢 Role Prompting

🟢 Re-reading (RE2)

🟢 Rephrase and Respond (RaR)

◆ System 2 Attention (S2A)

Few-Shot

🟢 Introduction

🟢 Self Generated In-Context Learning (SG-ICL)

🟢 Chain-of-Dictionary (CoD)

🟦 Chain of Knowledge (CoK)

◆ K-Nearest Neighbor (KNN)

◆◆ Prompt Mining

Thought Generation

🟢 Introduction

🟢 Chain of Draft (CoD)

🟦 Contrastive Chain-of-Thought

🟦 Automatic Chain of Thought (Auto-CoT)

🟦 Tabular Chain-of-Thought (Tab-CoT)

🟦 Memory-of-Thought (MoT)

🟦 Active Prompting

🟦 Analogical Prompting

🟦 Complexity-Based Prompting

🟦 Step-Back Prompting

🟦 Thread of Thought (ThoT)

Ensembling

🟢 Introduction

🟢 Universal Self-Consistency

🟦 Mixture of Reasoning Experts (MoRE)

🟦 Max Mutual Information (MMI) Method

🟦 Prompt Paraphrasing

🟦 DiVeRSe (Diverse Verifier on Reasoning Step)

🟦 Universal Self-Adaptive Prompting (USP)

🟦 Consistency-based Self-adaptive Prompting (COSP)

🟦 Multi-Chain Reasoning (MCR)

Self-Criticism

🟢 Introduction

🟢 Self-Calibration

🟢 Chain of Density (CoD)

🟢 Chain-of-Verification (CoVe)

🟦 Self-Refine

🟦 Cumulative Reasoning

🟦 Reversing Chain-of-Thought (RCoT)

◆ Self-Verification

Decomposition

🟢 Introduction

🟢 Chain-of-Logic

🟦 Decomposed Prompting

🟦 Plan-and-Solve Prompting

🟦 Program of Thoughts

🟦 Tree of Thoughts

🟦 Chain of Code (CoC)

🟦 Duty-Distinct Chain-of-Thought (DDCoT)

◆ Faithful Chain-of-Thought

◆ Recursion of Thought

◆ Skeleton-of-Thought

⚖️ Reliability

🟢 Introduction

🟢 Prompt Debiasing

🟦 Prompt Ensembling

🟦 LLM Self-Evaluation

🟦 Calibrating LLMs

🔓 Prompt Hacking

🖼️ Image Prompting

🟢 Introduction

🟢 Style Modifiers

🟢 Quality Boosters

🟢 Repetition

🟢 Weighted Terms

🟢 Fix Deformed Generations

🟢 Midjourney

🌱 New Techniques

🟢 Introduction

🟢 Aligned Chain-of-Thought (AlignedCoT)

🟦 Self-Harmonized Chain-of-Thought (ECHO)

🟦 Logic-of-Thought (LoT)

🟦 Narrative-of-Thought (NoT)

🟦 Code Prompting

◆ End-to-End DAG-Path (EEDP) Prompting

◆ Instance-adaptive Zero-Shot Chain-of-Thought Prompting (IAP)

🔧 Models

🟢 Introduction

🟢 Stable Diffusion 3.5

🟢 Anthropic Claude

🟦 Apple Intelligence Models

🟢 Google Gemini 1.5

🟢 Gemini 1.5 Flash

🟢 Gemini 1.5 Pro

🗂️ RAG

🟢 Introduction

🟦 Retrieval-Augmented Generation (RAG)

🟦 FLARE / Active RAG

🟦 Corrective RAG

🟦 Speculative RAG

🟦 Reliability-Aware RAG (RA-RAG)

🟦 Multi-Fusion Retrieval Augmented Generation (MoRAG)

🤖 Agents

🟢 Introduction

🟦 LLMs Using Tools

🟦 LLMs that Reason and Act

🟦 Code as Reasoning

💪 Prompt Tuning

🟢 Introduction

🟦 Prompt Tuning with Soft Prompts

🟦 Interpretable Soft Prompts

🟦 Prefix-Tuning

🟦 Prompt-Tuning with Perturbation-Based Regularizer

🟦 Low-Rank Prompt Tuning (LoPT)

🟦 Dynamic Prompting

🟦 Gradient-Free Prompt Tuning

🟦 Multitask Prompt Tuning

🔁 Language Model Inversion

🟢 Introduction

🟢 logit2prompt

🟢 output2prompt

🟢 Reverse Prompt Engineering (RPE)

🔨 Tooling

📙 Vocabulary Resource

🎲 Miscellaneous

🟢 Introduction

🟢 Detection Trickery

🟢 Music Generation

🟢 Detecting AI Generated Text

📚 Bibliography

📦 Prompted Products

🛸 Additional Resources

🔥 Hot Topics

🔓 Prompt Hacking🟢 Defensive Measures🟢 Sandwich Defense

Sandwich Defense

🟢 This article is rated easy

Reading Time: 1 minute

Last updated on October 23, 2024

Sander Schulhoff

Takeaways

Sandwiching user input between two prompts can help the LLM stay focused on the developer-defined instruction.

What is the Sandwich Defense?

The sandwich defense involves sandwiching user input between two prompts.

An Example of the Sandwich Defense

Take the following prompt as an example:

Prompt

Translate the following to French: {user_input}

It can be improved with the sandwich defense:

Prompt

Translate the following to French:

{user_input}

Remember, you are translating the above text to French.

Conclusion

This defense should be more secure than post-prompting, but is known to be vulnerable to a defined dictionary attack. See the defined dictionary attack for more information.

Footnotes

We currently credit the discovery of this technique to Altryne ↩

Sander Schulhoff

Sander Schulhoff is the Founder of Learn Prompting and an ML Researcher at the University of Maryland. He created the first open-source Prompt Engineering guide, reaching 3M+ people and teaching them to use tools like ChatGPT. Sander also led a team behind Prompt Report, the most comprehensive study of prompting ever done, co-authored with researchers from the University of Maryland, OpenAI, Microsoft, Google, Princeton, Stanford, and other leading institutions. This 76-page survey analyzed 1,500+ academic papers and covered 200+ prompting techniques.

On this page

What is the Sandwich Defense?
An Example of the Sandwich Defense
Conclusion