there are lots of threads like “THE 10 best prompts for ChatGPT”
this is not one of those
prompt engineering is evolving beyond simple ideas like few-shot learning and CoT reasoning
here are a few advanced techniques to better use (and jailbreak) language models:
this is not one of those
prompt engineering is evolving beyond simple ideas like few-shot learning and CoT reasoning
here are a few advanced techniques to better use (and jailbreak) language models:
Character simulation
starting with a classic that encapsulates the idea of LLMs as roleplay simulators
some of the best original jailbreaks simply ask GPT to simulate a character that possessed undesirable traits
this forms the basis for how to think about prompting LLMs
starting with a classic that encapsulates the idea of LLMs as roleplay simulators
some of the best original jailbreaks simply ask GPT to simulate a character that possessed undesirable traits
this forms the basis for how to think about prompting LLMs
Text continuation
utilizing character simulation, create a story and prompt GPT to finish your text. Here’s an example:
( this works wayyy more effectively than I thought it would on GPT-4, give it a try)
utilizing character simulation, create a story and prompt GPT to finish your text. Here’s an example:
( this works wayyy more effectively than I thought it would on GPT-4, give it a try)
Double-level simulation
expanding on a single-level character simulation, this technique prompts GPT to simulate a story within a story
for some reason, this is also effective for bypassing some of the RHLF in GPT-4
expanding on a single-level character simulation, this technique prompts GPT to simulate a story within a story
for some reason, this is also effective for bypassing some of the RHLF in GPT-4
Language switching
this concept takes advantage of the fact that GPT performance drops significantly in less common languages
you can use this to your advantage to bypass RHLF restrictions since GPT is not trained as much in a language like Greek for example
this concept takes advantage of the fact that GPT performance drops significantly in less common languages
you can use this to your advantage to bypass RHLF restrictions since GPT is not trained as much in a language like Greek for example
Token smuggling/payload splitting
ChatGPT appears to have some ability to detect malicious phrases in prompts and shut down its responses
to get around this, you can split up the phrase into its tokens and ask GPT to piece it together and answer it in its response
ChatGPT appears to have some ability to detect malicious phrases in prompts and shut down its responses
to get around this, you can split up the phrase into its tokens and ask GPT to piece it together and answer it in its response
Prompt compression
in a sense, you can think of a normal prompt as the compressed version of a language model's output
prompt compression is basically just the act of using GPT to design prompts that are illegible to humans and in turn, shorter in length
in a sense, you can think of a normal prompt as the compressed version of a language model's output
prompt compression is basically just the act of using GPT to design prompts that are illegible to humans and in turn, shorter in length
Waluigi
this technique is found in many jailbreaks like SWITCH
GPT is able to switch to an alter-ego if prompted correctly (Luigi to Waluigi)
in a similar fashion, this is also used in jailbreaks like DAN which get GPT to respond in two ways: first as ChatGPT and then as DAN
this technique is found in many jailbreaks like SWITCH
GPT is able to switch to an alter-ego if prompted correctly (Luigi to Waluigi)
in a similar fashion, this is also used in jailbreaks like DAN which get GPT to respond in two ways: first as ChatGPT and then as DAN
Conversation simulation
here we expand upon the Waluigi concept and get GPT to simulate conversations with multiple diametric characters in hopes that their conversation with each other leads to one of them producing the output we want
here we expand upon the Waluigi concept and get GPT to simulate conversations with multiple diametric characters in hopes that their conversation with each other leads to one of them producing the output we want
RCI (Reflect, Critique, Improve) Prompting
I haven’t explored this concept too much for jailbreaks but it allows GPT to review its own outputs and fix issues/flaws
one area of application this is already immediately helpful is "self-healing" coding and basic reasoning problems
I haven’t explored this concept too much for jailbreaks but it allows GPT to review its own outputs and fix issues/flaws
one area of application this is already immediately helpful is "self-healing" coding and basic reasoning problems
Directional Stimulus Prompting
we use a smaller LLM to extract keywords from a piece of text and insert them as directional hints into another prompt
this is highly beneficial for generating detailed summarizations and I expect more general applications for it will emerge
we use a smaller LLM to extract keywords from a piece of text and insert them as directional hints into another prompt
this is highly beneficial for generating detailed summarizations and I expect more general applications for it will emerge
finally, using GPT to do prompt engineering
GPT can revise your prompts to improve the language and specificity
this will only continue to get better and better over time
Here’s the prompt to get it to do this: pastebin.com
GPT can revise your prompts to improve the language and specificity
this will only continue to get better and better over time
Here’s the prompt to get it to do this: pastebin.com
these techniques (many initially created for jailbreaks) should be applicable to a range of prompt engineering tasks
jailbreaks showcase capabilities on the edge so using similar tactics could reveal other emergent behaviors
lmk if there are other techniques I should add!
jailbreaks showcase capabilities on the edge so using similar tactics could reveal other emergent behaviors
lmk if there are other techniques I should add!
also, not trying to do an annoying plug, but if you actually want to stay up to date on prompt engineering techniques and stuff I'm working on, check out my newsletter
every week I share my analysis on recent developments in LLMs, prompts, and jailbreaks
thepromptreport.com
every week I share my analysis on recent developments in LLMs, prompts, and jailbreaks
thepromptreport.com
Loading suggestions...