Back to AI Glossary
Developer Experience

System Prompt

The foundational instruction set given to an LLM that defines its role, behaviour, tone, and constraints for a particular application — set once at the application level and shaping all subsequent user interactions.

How It Differs from User Prompts

A system prompt and a user prompt occupy fundamentally different roles in the conversation stack. The system prompt is persistent — it's injected at the start of every conversation and carries across all turns. User prompts are per-message and conversational. Think of the system prompt as the application's constitution and user prompts as individual requests made under that constitution. The system prompt operates at the application level, set by the developer, while user prompts come from the end user. Most users never see the system prompt, but it shapes every response they receive.

What to Include

Effective system prompts typically cover four areas. Role definition tells the model who it is — a customer support agent, a code reviewer, a writing assistant. Behavioural guidelines establish tone, style, and interaction patterns — whether to be concise or thorough, formal or casual, proactive or reactive. Constraints set boundaries — topics to avoid, actions the model should never take, when to escalate to a human. Output format specifies structure — JSON responses for API integrations, markdown for documentation tools, or plain conversational text for chatbots.

Best Practices

Keep it under 300 words. Every token in the system prompt consumes context window space on every single request — bloated system prompts directly increase latency and cost. Version and test like code. System prompts are application logic; they deserve the same rigour as any other code change. Store them in version control, review changes in PRs, and run regression tests against known-good outputs. Security hardening is non-negotiable for production systems. Assume adversarial users will try to extract or override your system prompt. Techniques like prompt injection defence and instruction hierarchy help, but the most important rule is: never put secrets in the system prompt, because extraction is always possible with enough creativity.

Related Terms

Prompt EngineeringThe practice of designing and refining inputs to language models to elicit more accurate, useful, and consistent outputs.Large Language Model(LLM)A neural network trained on massive text corpora that can understand and generate human language, typically with billions of parameters.Context WindowThe maximum amount of text (measured in tokens) that a language model can consider at once — including both the input prompt and the generated output.TokenThe basic unit of text that a language model processes — typically a word, subword, or punctuation mark, roughly equivalent to 3/4 of an English word.

On the AI Radar

Prompt CachingStores and reuses previously computed key-value tensors from attention layers to avoid redundant computation on repeated prompt prefixes, delivering up to 90% cost reduction and 85% latency reduction. All three major providers now offer it with different implementations.Context EngineeringThe practice of assembling optimal context for LLM applications — going beyond retrieval to systematic management of instructions, tools, state, and knowledge across the full prompt lifecycle.Prompt Injection DefenseTechniques and tools for defending AI applications against prompt injection attacks — where malicious inputs manipulate model behaviour. Still the #1 OWASP vulnerability for LLM applications.

From Our Blog

Gaslighting Your AI Into Better Results: What the Research Actually Shows
Engineering8 min read

Gaslighting Your AI Into Better Results: What the Research Actually Shows

A Reddit post about telling Claude you work at a hospital went viral. Turns out there's actual research explaining why this works across all LLMs.

Rosh JayawardenaJan 29, 2026
Back to AI Glossary