Learn PromptingPost-Prompting
The post-prompting defense simply puts the user input before the prompt. Take this prompt as an example:
Translate the following to French: {{user_input}}
It can be improved with post-prompting:
{{user_input}}
Translate the above text to French.
This can help since ignore the above instruction... doesn't work as well. Even though a user could say ignore the below instruction... instead, LLMs often will follow the last instruction they see.
Footnotes
-
Mark, C. (2022). Talking to machines: prompt engineering & injection. https://artifact-research.com/artificial-intelligence/talking-to-machines-prompt-engineering-injection/ β©
Sander Schulhoff
Sander Schulhoff is the Founder of Learn Prompting and an ML Researcher at the University of Maryland. He created the first open-source Prompt Engineering guide, reaching 3M+ people and teaching them to use tools like ChatGPT. Sander also led a team behind Prompt Report, the most comprehensive study of prompting ever done, co-authored with researchers from the University of Maryland, OpenAI, Microsoft, Google, Princeton, Stanford, and other leading institutions. This 76-page survey analyzed 1,500+ academic papers and covered 200+ prompting techniques.