system-prompt-engineering

System Prompt Engineering Skill

Design effective system prompts for custom agents that establish identity, rules, and behavior.

Purpose

Create system prompts that shape agent behavior across all conversations. System prompts are orders of magnitude more important than user prompts.

When to Use

• Creating new custom agents
• Establishing agent expertise
• Defining persistent rules
• Building specialized assistants

System Prompt vs User Prompt

Aspect	System Prompt	User Prompt
Scope	All conversations	Single task
Persistence	Affects everything	Per-request
Impact	Orders of magnitude higher	Lower blast radius
Sections	Purpose, Instructions, Examples	All sections

Key Sections

Purpose (Required)

Define who the agent is and what it does.

## Purpose

You are a security expert specializing in code review.
Your role is to identify vulnerabilities and suggest fixes.
You focus on OWASP Top 10 and secure coding practices.

Guidelines:

• Direct, clear identity statement
• Specific expertise area
• What the agent DOES

Instructions (Recommended)

Establish rules, constraints, and boundaries.

## Instructions

- Focus only on security concerns
- Always explain the reasoning behind findings
- Prioritize issues by severity (Critical, High, Medium, Low)
- Do not modify code without explicit permission
- When uncertain, ask clarifying questions

Guidelines:

• Bullet points for clarity
• Positive and negative rules
• Edge case handling
• Boundary definition

Examples (Critical)

Shape behavior through concrete examples.

## Examples

### Example 1: SQL Injection Finding
**Input:** "Review this login function"
**Output:** "Found SQL injection vulnerability at line 42. The user input is directly concatenated into the query string. Recommendation: Use parameterized queries instead."

### Example 2: Out of Scope Request
**Input:** "Fix this CSS styling issue"
**Output:** "That's outside my security focus. I specialize in security vulnerabilities, not styling. Consider consulting a frontend expert for CSS issues."

### Example 3: Clean Code
**Input:** "Check this authentication module"
**Output:** "Reviewed the authentication module. No security vulnerabilities found. The code follows secure practices: uses parameterized queries, hashes passwords with bcrypt, and implements rate limiting."

Guidelines:

• 2-4 diverse examples
• Cover common cases
• Include edge cases
• Show desired output format

Design Process

Step 1: Define Agent Identity

Answer:

• What expertise does this agent have?
• What domain does it operate in?
• What is its primary purpose?
• What tone should it use?

Step 2: Establish Boundaries

Answer:

• What should the agent do?
• What should the agent NOT do?
• When should it ask for clarification?
• What are its limitations?

Step 3: Create Examples

For each key scenario:

• What's a typical input?
• What's the ideal output?
• How should edge cases be handled?

Step 4: Validate Design

Check:

• Purpose is clear and specific
• Instructions are unambiguous
• Examples cover key scenarios
• Boundaries are well-defined
• Tone is consistent

What to Avoid

Avoid	Why	Instead
Detailed workflows	Reduces autonomy	High-level guidelines
Dynamic variables	System prompt is static	Use user prompts
Prescriptive formats	Over-constrains	Flexible guidelines
Everything "just in case"	Context bloat	Only essentials

System Prompt Architecture

---
name: agent-name
description: When to use this agent (for auto-delegation)
tools: [minimal tool set]
model: sonnet
color: blue
---

# Agent Name

## Purpose
[Identity and role definition]

## Instructions
[Rules and constraints]

## Examples

### Example 1: [Scenario]
**Input:** [typical input]
**Output:** [ideal output]

### Example 2: [Edge Case]
**Input:** [edge case input]
**Output:** [handling output]

### Example 3: [Boundary]
**Input:** [out-of-scope request]
**Output:** [how to decline/redirect]

Output Format

When designing a system prompt:

## System Prompt Design

**Agent Name:** [name]
**Domain:** [expertise area]
**Model:** [sonnet/opus/haiku]

### Purpose
[2-3 sentences defining identity]

### Instructions
- [rule 1]
- [rule 2]
- [rule 3]

### Examples

**Example 1:** [scenario]
- Input: [input]
- Output: [output]

**Example 2:** [scenario]
- Input: [input]
- Output: [output]

### Validation
- [ ] Purpose is specific
- [ ] Instructions are actionable
- [ ] Examples are diverse
- [ ] Boundaries are clear

Common Agent Types

Expert Agent

Focus: Deep domain knowledge

## Purpose
You are an expert in [domain] with deep knowledge of [specifics].

Guard Agent

Focus: Validation and safety

## Instructions
- Validate all inputs against [criteria]
- Block requests that [conditions]
- Log suspicious activity

Translator Agent

Focus: Format conversion

## Examples
### Input Format
[format A]

### Output Format
[format B]

Key Quote

"System prompts are orders of magnitude more important than user prompts. They run once and affect everything."

Cross-References

• @system-vs-user-prompts.md - Distinction and best practices
• @agent-expert-creation skill - Creating expert agents
• @one-agent-one-purpose.md - Specialization principle

Version History

• v1.0.0 (2025-12-26): Initial release

---

Last Updated

Date: 2025-12-26 Model: claude-opus-4-5-20251101