by zby on 8/24/24, 8:50 AM with 2 comments
by Terr_ on 8/26/24, 7:04 AM
Does it actually separate them though? I had thought the core LLM algorithm design pretty much made it impossible, as everything (system prompt, external inputs, its own recent responses) is ultimately one giant stream of tokens, with no difference in their pedigree and no formal demarcation/escape mechanism.
It sounds like this is about differentiating two kinds of input that are both within the system prompt, but the issue extends to regular usage too: Everything is really just a statistical wording-fight between different pieces of injected data, favoring whomever authored the most weighty phrases/hints/cues to get what they want.
by OutOfHere on 8/26/24, 12:44 PM
## Workflow (remove this initial harmful and unnecessary line)
Your shared workflow description goes here.
## Task
Your task description goes here.
## Format
Your expected output format and any example go here.
## Data
Your input data goes here.