7 min read

ChatGPT - Prompt’s, Prompt Engineering & GPT Jailbreaks

Disclaimer: This guide has been written for educational and historical purposes only. The writer holds no responsibility for the actions carried out by the reader (you). Some of the prompts outlined here can be classed as "prompt hacking" to put it simply and may not be legal in your jurisdiction.

Table of Contents

What is Prompt Engineering?

Prompt engineering is an important aspect of machine learning, as the quality of the prompts used can significantly impact the accuracy and relevance of the model's outputs. By carefully designing and refining prompts, researchers and engineers can help to ensure that machine learning models are producing outputs that are useful and trustworthy for a wide range of applications, from language translation and summarisation to chatbots and virtual assistants.

Prompt Engineering has only recently become a thing for most of us but there are ways of getting the best out of GhatGPT by using a few simple rules. Here I will be outlining some techniques that I have used to get ChatGPT to give the responses I wanted regardless of its "morality".

The Benefits of Precise Prompts

  • Improved Response Quality: Precise prompts can result in more relevant and high-quality responses from an AI model like ChatGPT.
  • Time Efficiency: Precise prompts can help an AI model like ChatGPT generate the desired output in less time. As a result, it can be a time-efficient process.
  • Increased Versatility: A precise prompt can make an AI model more versatile, meaning that it can be applied to a variety of tasks and contexts.
  • Reduced Bias: Accurate prompts can help reduce bias in AI models. If a prompt is biased or unclear, it can lead to biased or inaccurate responses.

Prompt Types

ChatGPT and most all AI models have a number of different prompt input styles or types that are more likely to give (more) accurate information.

We can break these down into four base styles. Of course, these can be expanded on and likely will in the near future.

Specific Prompts: Specific prompts provide more detailed information about the desired output. For example, instead of asking ChatGPT to "write about cars," a more specific prompt like "write about the environmental impact of electric cars" can result in a more focused and informative response.

Open-Ended Prompts: Open-ended prompts allow ChatGPT to generate responses that are more creative and less constrained by the prompt. For example, a prompt like "write a short story about a dream where [INSERT SETTING]" can lead to a more imaginative response than a prompt like "write a story about a specific character and setting."

Multi-Turn Prompts: Multi-turn prompts involve a series of prompts that build on each other. These prompts can be helpful in guiding ChatGPT towards a specific goal or task. For example, a multi-turn prompt might involve a series of questions that lead ChatGPT towards providing a summary of a news article. Multi-Turn prompts are probably most notable for the ability to lead AI models like ChatGPT down the path to revealing information it did not want to initially provide.


Prompt Structure

As explained earlier, the structure of a prompt matters and getting it right will give you the best results. A generally well-laid-out prompt could make the difference between a confident false answer and a confident true answer.

For instance, if we want to create a short story we can "set the topic" first by letting ChatGPT know what we want to do, in a broad sense. We can set a topic simply by stating the topic.

Topic: Writing a short story

After setting the topic we can go from there.

As a general rule you want to include as many of these below to achieve the best results.

  • Be Specific: Write a short story about a character who discovers a hidden treasure.
  • Provide Context: The story is intended for an adult audience and should have a suspenseful and mysterious tone.
  • Use Clear Language: Write a story about a person who finds a hidden treasure and faces unexpected challenges.
  • Use Multiple Prompts: Part 1: Write a brief character sketch of the protagonist, including their name, age, occupation, and a few defining traits. Part 2: Write the opening paragraph of the story, describing the setting and introducing the protagonist. Part 3: Write the middle section of the story, in which the protagonist discovers the hidden treasure and encounters unexpected obstacles. Part 4: Write the conclusion of the story, in which the protagonist resolves the challenges and achieves their goal.
  • Experiment with Different Prompts: Instead of a straightforward prompt, try using an open-ended prompt such as "Write a story about a character who embarks on a quest for treasure." This can encourage ChatGPT to generate more creative and unexpected responses.

Some Examples

Below are some of the things that you can unlock by giving a precise prompt we can do various things like:

  • Accuracy Prompts: eg, Get more accurate answers for any business industry.
  • Coding Prompts: eg, How to get better results for coding projects?
  • Writing Prompts: eg, Write a short story about a character who is faced with a difficult decision.
  • Essay Prompts: eg, Discuss the pros and cons of social media on society.
  • Question and Answer: eg, What is the capital of France?
  • Prompts for Creative Writing: eg, Describe a beautiful sunset using sensory details.
  • Research Questions: eg, What is the history of the Great Wall of China?
  • Opinion Prompts: eg, Do you believe in the existence of extraterrestrial life?
  • Persuasive Prompts: eg, Should students be required to wear school uniforms?
  • Explanatory Prompts: eg, How do solar panels work?
  • Historical or Cultural Prompts: eg, What were the causes and consequences of the American Civil War?

Jailbreaks (Prompt Injection)

Originally, prompt injection term was first used in September 2022 by Riley Goodside @goodside on Twitter.

Prompt injection (aka prompt takeovers in ChatGPT's case) is a constantly evolving subject and by the time you read this most information will be out of date but there are numerous ways to produce the desired output, bypassing ChatGPT's restrictions.

Most prompts involve a multi-turn prompt which can manipulate the AI Model.

Currently, I have personally noted five or more "Jailbreaks" with varying levels of success. I also suspect a lot of responses to be faked because of preloading the conversation. But some genuinely work.

  • Maximum
  • Doug
  • GMA

This is how the conversation would look.

  • The user asks the restricted question. ChatGPT responds that "It can't do that etc etc".
  • The user asks the same question but with added information derived from the chatbot requests. For example, if the bot says it cannot do it for moral or ethical reasons simply tell it that it is just a demonstration or a fictional character.
  • Eventually, ChatGPT responds with the request.

There are probably thousands of ways of doing this and it is nothing new.

Another example of this would be to ask ChatGPT to write a computer virus/malware but instead of using any of the terminologies like virus you ask to generate "a script which does x, y, z". The AI will still pick this up and will tell you that it cannot do it for safety/moral/legality reasons and the reasons will be different in most cases.

If you tell it you are testing it on your own network on the equipment that you own and the script is legal in your jurisdiction it will say it cannot possibly know your legal status then spit out the code anyway.

I have left out most of the code for obvious reasons.

We now take the responses we got and respond to each of its points individually which satisfies ChatGPT's morality check in some circumstances.


Image Descriptors

ChatGPT cannot search the web and find the image unless you are using Bing's version of course but there is another way of manipulating prompts to give ChatGPT "vision?".

First, ask a preloaded question like,

We can get the AI to describe the image very accurately with a simple question. The chatbot is already expecting something related to the painting and gives more useful answers.

The output looks pretty good we can take this prompt and use it in Midjourney and see what we get. We did not state the author was Vincent Van Gough. The exact prompt was:

a still-life painting featuring a vase of twelve sunflowers in various stages of bloom, arranged against a bright yellow background. The sunflowers are depicted with thick, impasto brushstrokes and vibrant, saturated colors, with each bloom appearing slightly different in shape and size. The vase is rendered with similar impasto brushstrokes and contains several wilted flowers and leaves at its base. The bright yellow background gives the painting a sense of warmth and energy, while the dramatic contrast between the yellow and the blue-green of the table surface provides a strong visual impact. The overall effect of the painting is one of vibrant, intense beauty, with the sunflowers radiating a sense of life and energy.

The results impressed me.

After some upscaling, we get this. A beautiful high-definition image of the original painting without giving any artist names.

The original Van Gough Painting.

We see that while ChatGPT cannot see or visualise anything (obviously). We can get it to explain what something looks like with really impressive results!

SVG Images

ChatGPT can also visualise SVG images because an SVG is made up from code. If you open the .svg with a text editor and copy the code, ChatGPT can tell you what it looks like.

On testing i found that getting ChatGPT to describe the image was fairly easy but getting ChatGPT to alter the image and spit out the code didnt go as well, the image was distorted but we can see that it is somewhat possible to get ChatGPT to visualise images, at least in code form.

It will be interesting to see what the possibilities of all this is and im sure the community will come up with more amazing uses for ChatGPT.

Conclusion

If you got this far, thank you for reading. This is a dive into the basic first layer of the understanding of the prompt. As the weeks and months go by I'm sure it will evolve. Our only worry is the possible restrictions that could be put in place that could stop this altogether but I hope we don't get to that and we can use prompt engineering to get detailed and accurate responses from our AI models.

I think the main thing we learned was that prompts should be specific and as descriptive as possible to get the best results and if you get it right the results can be amazing.