惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
P
Privacy International News Feed
Security Latest
Security Latest
Spread Privacy
Spread Privacy
NISL@THU
NISL@THU
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Last Watchdog
The Last Watchdog
S
Schneier on Security
Engineering at Meta
Engineering at Meta
Google Online Security Blog
Google Online Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Cyberwarzone
Cyberwarzone
C
Cyber Attacks, Cyber Crime and Cyber Security
G
GRAHAM CLULEY
A
Arctic Wolf
博客园 - 聂微东
I
Intezer
腾讯CDC
罗磊的独立博客
T
Tailwind CSS Blog
WordPress大学
WordPress大学
宝玉的分享
宝玉的分享
L
Lohrmann on Cybersecurity
人人都是产品经理
人人都是产品经理
C
Cybersecurity and Infrastructure Security Agency CISA
博客园 - 【当耐特】
P
Palo Alto Networks Blog
Simon Willison's Weblog
Simon Willison's Weblog
W
WeLiveSecurity
N
News and Events Feed by Topic
SecWiki News
SecWiki News
S
Security Affairs
T
Threat Research - Cisco Blogs
The GitHub Blog
The GitHub Blog
F
Fortinet All Blogs
T
Troy Hunt's Blog
N
News and Events Feed by Topic
P
Proofpoint News Feed
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
酷 壳 – CoolShell
酷 壳 – CoolShell
M
MIT News - Artificial intelligence
I
InfoQ
Hacker News: Ask HN
Hacker News: Ask HN
T
The Blog of Author Tim Ferriss
Schneier on Security
Schneier on Security
Hacker News - Newest:
Hacker News - Newest: "LLM"
Vercel News
Vercel News
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
A prompt is not a conversation. It's a component contract.
Carlos Saldaña · 2026-05-26 · via DEV Community

Most of us use LLMs by trial and error. This post gives you a structure: the building blocks of an LLM, and a reusable template for writing production prompts.

What is an LLM?

Foundation models are very large models pretrained on internet-data; that's what builds Generative AI. With a foundation model, you can adapt one pretrained model to many tasks.

A Large Language Model (LLM) is a foundation model for text, and at its core, the same FM can be used for many tasks: summarisation, classification, translation, code generation.

So what an LLM does is predict the next word (next token) in a sequence. At each step it checks the surrounding context of what it has seen so far and then produces a probability distribution over the possible next tokens. Running this in a loop produces fluent, coherent new content. So basically, an LLM gets text and returns text. The input is called the prompt and the output is called completion.

What goes into a prompt

A prompt is any input given to a generative model to produce a desired output. Prompt engineering is the practice of designing and refining those prompts to get the best possible results from the model. Refining a prompt means experimenting with the factors that influence the model's output. A vague prompt can lead to many reasonable responses; every constraint you add reduces the number of possible responses.

A well-structured prompt is usually assembled from four parts.

Building block Role
Instruction The task you want performed.
Context Relevant background that frames the situation for the model.
Input data The specific content the task should operate on.
Output indicator A description (or example) of the form the response should take.

The instruction and context here are two of the template slots, Task and Context, we'll pull together at the end.

And best practice for writing prompts can be organised into four dimensions. Strong prompts attend to all four.

Dimension Practice
Clarity Use simple, direct language. Avoid ambiguous or overly complex terminology so the prompt is easily understood.
Context Provide relevant background and specific details to guide the model's understanding of the situation.
Precision Clearly state the type of response you want, and use examples to illustrate the expected output.
Role-play / Persona Write the prompt from the perspective of a specific character or expert, with enough detail for the model to assume that role effectively.

Think of a prompt like a search beam. Vague = wide beam, the model lands somewhere in a large valid region. Each constraint narrows the beam. Specificity isn't politeness toward the model; it's aiming.

Who reads the output: code or a person

The output is the more interesting part for us. An LLM's output has two possible audiences, a parser and a person, and you write a contract for each. Even when a person reads the output, "looks fine" isn't the same as "matches what I needed." When an LLM's output is read by code instead of eyes, the output is an API response and the prompt is its schema. A human forgives a messy answer; json.loads() doesn't. It either succeeds or throws. Without an explicit spec, the model decides format, length, tone, and depth, and it picks something plausible but generic. Controlling output here means moving that decision from the model to you.

Two kinds of control:

  • Format control: the shape of the output (JSON keys and types; or prose vs. bullets vs. table, headings, sections).
  • Behavior control: what the model may and may not do (e.g. "valid Terraform only, no comments"; or "concise executive tone, no technical jargon").

Each audience fails differently, and one of them fails silently:

Parser (output read by code) Person (output read by a human)
What breaks Markdown fences, chatty preamble, invented/renamed keys, numbers as strings Too long, wrong tone, missing a section, pitched at the wrong level
How it breaks Loud: json.loads() throws, the pipeline stops; you notice immediately Quiet: output looks fluent and complete; the gap only shows on a second read, and nobody flags it

A loud failure is annoying; a quiet failure is more dangerous because a subtly off-target answer can go unnoticed.

There are some mitigations you can apply for better results:

For the parser:

  1. Specify the exact schema.
  2. Forbid the noise.
  3. Give one example of the exact shape.
  4. Set temperature: 0.
  5. Use native structured outputs / tool-calling.

For the person:

  1. State the structure explicitly.
  2. Give a length budget.
  3. Name the audience.
  4. List the required elements.
  5. For a recurring format, show one example of the desired output.

So the point here is that prompt-only format control is a request; decode-time constraints are a guarantee. Treat the model's output as an API response, and the prompt as its schema.

Constraints and Output are template slots too: the rules that prune behavior, and the exact shape you contract for.

The system and user split

We already saw the role as one of the four dimensions of an effective prompt. It's the part lots of people forget about.

A prompt can include three types of messages: system, user, and assistant.

  • System message: defines the model's behavior, rules, and overall role.
  • User message: contains the request or input for the current task.
  • Assistant message: previous responses from the model, used as conversational context or examples.

The "type" is usually set through the role field of each message.

The system message is the component's configuration, while the user message is the input for a specific call.

The system prompt defines persistent behavior and rules. The user message provides the variable data for that particular request. The system sets how the component behaves in general; the user message tells it what to do right now.

Why do roles work? It's not magic.

When you say, "Act as a senior security engineer," the model shifts its output toward patterns statistically associated with that kind of writing in its training data.

Likewise, "Explain this to a junior developer" pushes the model toward simpler, more educational, and more heavily explained responses.

A role doesn't give the model a real personality. It changes the probability distribution of the kind of text the model is likely to generate. This is the Role slot, the first line of the template.

Why the system/user split matters in production:

  1. Caching. The system message is usually stable and reused across requests, which makes it ideal for prompt caching. Keep the system prompt consistent, and place most of the changing data in the user message.
  2. Testability. The system prompt is one of the highest-leverage parts of an AI application. Treat it like code: version it, compare changes, and test it carefully.
  3. Security. Trusted instructions should live in the system message. Untrusted content (user input, retrieved documents, tool outputs) should stay in the user message. When untrusted text lands somewhere the model treats as instructions, you get prompt injection. Clean separation is the first line of defense.

Showing the model examples

One good prompt gets you far. A few techniques get you further. The most useful one: showing the model examples.

In few-shot prompting, the prompt includes a few worked demonstrations. The model uses in-context learning to infer the pattern and apply it to the new input.

The few-shot examples are unit tests that double as a spec.

Why it works: the model is a pattern continuator. A few input→output pairs establish a strong, low-ambiguity pattern, and the model continues it.

When to use which:

  • Zero-shot: simple, common tasks the model has clearly seen many times.

    [
      {
        "role": "user",
        "content": "Summarize this article in 3 bullet points."
      }
    ]
    
  • One-shot: when you mainly need to pin the format.

    [
      {
        "role": "user",
        "content": "Convert countries to JSON.\n\nExample:\nFrance -> {\"country\": \"France\"}\n\nNow convert:\nBrazil"
      }
    ]
    
  • Few-shot: classification, structured output, code style, anything with a specific schema or edge cases the model wouldn't guess.

Those worked demonstrations are the Examples slot.

In the example below, the last message is the new input; the model produces the assistant turn.

[
   {"role": "user",      "content": "Today the weather is fantastic"},
   {"role": "assistant", "content": "positive"},
   {"role": "user",      "content": "I don't like your attitude"},
   {"role": "assistant", "content": "negative"},
   {"role": "user",      "content": "That shot selection was awful"},
]

Tokens are what you pay for

LLMs are not free, and the token is the meter. For an LLM, it's the unit of both cost and latency. For most of us the mental model is familiar: tokens are network payload, and each LLM call is a billable, latency-bearing API request.

Output tokens dominate latency. The model generates text one token at a time, and each new token depends on all the previous ones, so generation has to happen sequentially.

Input works differently: the prompt is processed in a single parallel "prefill" pass, which is relatively fast (even though you still pay for those tokens).

Four levers do most of the work:

  1. Compress the input

    Instead of sending entire documents, summarize them first or extract only the relevant parts. Most prompts ship context the model never reads.

  2. Limit and structure the output

    Set max_tokens, prefer structured formats like JSON or arrays instead of long prose, and ask for concise summaries such as "keep under 120 tokens."

  3. Use the right model for the task

    Small models are faster and cheaper for simple work like classification, routing, or extraction. Save the stronger models for tasks that actually require reasoning or synthesis.

  4. Use caching

    There are two different kinds:

    Prompt/prefix caching

    Reuses stable prompt sections like system prompts, examples, or reference documents. Since the provider caches this server-side, you avoid recomputing the expensive input processing step.

    Practical implication: put stable content first and variable content last to maximize cache hits.

    Response/semantic caching

    Your own infrastructure stores previous answers and reuses them when the same or a very similar request appears again. This caches outputs, not prompts.

A Reusable Prompt Template

All that we've seen here gives us the structure to build a template to use when working on a production prompt.

The template R-T-C-C-E-O:

[ROLE]        Who the model acts as. Sets the output distribution.
[TASK]        The one thing to do, stated unambiguously.
[CONTEXT]     Inputs, background, data; clearly delimited from instructions.
[CONSTRAINTS] Rules that prune the space. Each maps to a real failure mode.
[EXAMPLES]    1–3 representative input→output pairs (for structured/edge-case tasks).
[OUTPUT]      The exact shape of the response. Schema + example if machine-consumed.

Not every prompt needs all six, but every prompt should be a deliberate subset, not an accident.

Finally, let's make the production checklist, a pre-flight pass before a prompt ships:

  • Role set and matched to the task?
  • Task: could a competent stranger misread it?
  • Constraints: does each map to a failure mode you've actually seen? Drop the decorative ones.
  • Output contract: explicit; schema + example if consumed by code?
  • Format guarantee: decode-time constraint (structured output / tool call), not just a worded request?
  • Examples: present for classification/structured work; diverse, consistent, minimal?
  • Sampling: temperature matched to the task?
  • Token budget: max_tokens capped; output format compact?
  • Model: right-sized, not just "the strong one"?
  • Cache-friendliness: stable content first, variable content last?
  • Injection safety: instructions in the system message, data in the user message?
  • Versioned & tested: in source control with a few regression cases?

So we covered six slots: Role, Task, Context, Constraints, Examples, Output, plus a pre-flight checklist. Run every production prompt through both, and you've turned a hopeful request into a tested component. A prompt is not a conversation. It's a component contract.