The AI does whatever it wants — and no CLAUDE.md, no memory, no rule on earth will stop it
You write rules, curate memories, build guidelines — and a week later you're going in circles again. Why that is, and what actually helps.
in KI-Konzepte
Techniken zur Steuerung von Sprachmodellen über Eingabeaufforderungen.
You write rules, curate memories, build guidelines — and a week later you're going in circles again. Why that is, and what actually helps.
Effort scales breadth, deep thinking scales depth. When each setting makes sense — with three clear examples and one rule of thumb.
Chain-of-Thought (CoT) is a prompting technique that asks the model to spell out its reasoning in intermediate steps — boosting accuracy on multi-step tasks.
Constitutional AI is a training method developed by Anthropic in which an AI model critiques and revises its own behaviour against an explicit list of principles (a "constitution") — rather than relying solely on human ratings.
Context engineering is the discipline of deliberately curating and maintaining everything inside the LLM context window — system prompt, tool definitions, RAG hits, memory, conversation history.
Few-shot prompting is a technique that includes a handful of input/output examples in the prompt so the model picks up the desired format and style.
Guardrails are protective layers around a language model that inspect inputs and outputs to catch unwanted behaviour — off-topic answers, PII leaks, unsafe actions.
Indirect prompt injection is an attack that hides malicious instructions inside external content — web pages, documents, emails — that an LLM then processes and unintentionally executes.
A jailbreak deliberately bypasses a language model's safety and behaviour rules through cleverly crafted prompts, making the model produce content it would normally refuse.
Meta-prompting is the technique of having an LLM write or improve a prompt for a task rather than formulating it yourself — the prompt becomes the output.
Prompt engineering is the discipline of steering AI models through carefully crafted input prompts — closer to precise writing than to classic programming.
Prompt injection is an attack that hides instructions inside an LLM's input data to make the model ignore or subvert its original instructions.
Prompt leaking is an attack that tricks an LLM into revealing its hidden system prompt or other confidential context contents — a special case of prompt injection.
A prompt template is a reusable prompt skeleton with placeholders that get filled with concrete values at runtime — the basis for reproducible LLM calls in applications.
ReAct is a prompting pattern that has an LLM alternate between reasoning (thoughts) and action (tool calls) — the foundation behind many agent implementations.
Role prompting assigns the LLM a concrete role or persona ("you are an experienced tax lawyer …") to steer style, vocabulary and depth of answers.
Self-Consistency is a prompting technique where the same question is answered multiple times with chain-of-thought, and the most frequent answer is picked as the final result.
Self-Refine is a prompting technique in which a model critiques its own output and improves it across several iterations — without human feedback.
Spotlighting is a defense technique against prompt injection in which untrusted inputs are marked so the model treats them as data — not as instructions.
A system prompt is the instruction that shapes a language model's behavior across an entire conversation — in contrast to the user prompt, which varies per message.
Tree of Thoughts (ToT) is a prompting technique in which an LLM explores multiple solution paths as a branching tree, scores them and follows only the promising branches — a generalisation of Chain-of-Thought.
XML tags are named brackets like <context>...</context> used to clearly separate sections of a prompt. They structure the input, split instruction from data and make the model's output more predictable.
Zero-shot describes solving a task with a language model without providing any examples — purely via the task description in the prompt.
How prompt injection, prompt leaking, and jailbreaks work — and which defenses (guardrails, spotlighting, sanitization) actually help.
Zero-shot, few-shot, chain-of-thought, tree of thoughts, ReAct & co. — when each prompting technique pays off and how they fit together.