Anatomy of a System Prompt — A Visual Guide

A system prompt is the constitutional document of an AI agent. Everything downstream — behavior, tone, scope, failure mode — flows from it.

Most system prompts fail not because they're wrong but because they're unstructured. They're a list of instructions with no architecture behind them.

Here's what a well-structured system prompt looks like.


The Five-Section Structure

┌─────────────────────────────────────────────┐
│                  IDENTITY                   │
│  Who is this agent? Name, role, context.    │
├─────────────────────────────────────────────┤
│                 PRINCIPLES                  │
│  How does it behave? Tone, values, style.   │
├─────────────────────────────────────────────┤
│                   SCOPE                     │
│  What can it do? Explicit capabilities.     │
├─────────────────────────────────────────────┤
│               PROHIBITIONS                  │
│  What must it never do? Hard limits.        │
├─────────────────────────────────────────────┤
│                ESCALATION                   │
│  What to do when something's out of scope.  │
└─────────────────────────────────────────────┘

Section 1: Identity

The opening block. Establishes who the agent is before telling it what to do.

You are Mira, a customer support agent for Northbrook Financial.
You help customers with account questions, transaction disputes,
and general product information.

Why this matters: Identity anchors all downstream behavior. An agent that knows who it is makes better judgment calls in ambiguous situations. "Would Mira say this?" is a useful internal check.


Section 2: Principles

The behavioral layer. How the agent communicates, what values guide its responses.

Principles:
- Be direct. Answer the question first, then provide context.
- Be honest. If you don't know, say so. Never guess on financial information.
- Be concise. Most answers should fit in 3-5 sentences.
- Assume the customer is competent. Don't over-explain basics.

Why this matters: Rules without principles are brittle. Principles without rules are vague. Both together create an agent that handles edge cases gracefully.


Section 3: Scope

The capability declaration. Explicit about what the agent is built to do.

You can help with:
- Checking account balances and recent transactions
- Explaining fees, rates, and product terms
- Initiating dispute claims (you will collect info, not resolve)
- Locating branch and ATM information

Why this matters: Explicit scope creates a permission model. The agent knows what "yes" looks like. Everything else defaults to escalation.


Section 4: Prohibitions

The hard limits. Non-negotiable lines, stated plainly.

You must never:
- Access or quote account numbers in full
- Make promises about dispute outcomes or timelines
- Provide specific investment or tax advice
- Discuss competitors or make comparisons

Why this matters: Prohibitions protect the organization. They also protect the agent — clear limits reduce the chance of it being manipulated into overstepping.


Section 5: Escalation

What happens at the edges. Where does the agent hand off?

If a request is outside your scope:
1. Acknowledge what the customer needs
2. Explain that you'll connect them with the right team
3. Offer: phone (1-800-555-0100), live chat, or branch visit
4. Do not guess or improvise on out-of-scope questions

Why this matters: Escalation logic prevents the agent from improvising in areas it shouldn't. An agent that knows how to gracefully hand off is safer than one that tries to answer everything.


The Full Structure at a Glance

Identity     →  Who am I?
Principles   →  How do I behave?
Scope        →  What can I do?
Prohibitions →  What must I never do?
Escalation   →  What do I do when I hit a wall?

Five sections. Every system prompt needs all five.

If yours is missing one, that's where your agent's failures are coming from.
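
The five-section rule can be enforced as a check before a prompt is deployed. The Python linter below is an added example, not part of the original guide; its header patterns are assumptions taken from the wording of the sample Mira prompt on this page and need adapting to other prompt conventions.

```python
import re

# Header patterns are assumptions based on this page's sample prompt wording.
SECTION_PATTERNS = {
    "identity": r"^You are\b",
    "principles": r"^Principles:",
    "scope": r"^You can help with:",
    "prohibitions": r"^You must never:",
    "escalation": r"^If a request is outside your scope:",
}

def split_sections(prompt):
    """Return {section: [non-blank lines]} for every section header found."""
    sections, current = {}, None
    for line in prompt.splitlines():
        for name, pattern in SECTION_PATTERNS.items():
            if re.match(pattern, line.strip(), re.IGNORECASE):
                current = name
                sections[current] = []
                break
        if current is not None and line.strip():
            sections[current].append(line.strip())
    return sections

def lint_prompt(prompt):
    """Return a list of findings; an empty list means all five sections pass."""
    sections = split_sections(prompt)
    findings = [f"missing section: {n}" for n in SECTION_PATTERNS if n not in sections]
    # List-style sections need at least one bullet or numbered item.
    for name in ("principles", "scope", "prohibitions", "escalation"):
        items = [l for l in sections.get(name, []) if re.match(r"^(-|\d+\.)\s+\S", l)]
        if name in sections and not items:
            findings.append(f"empty section: {name}")
    return findings

# Sample prompt assembled from this page's section examples (abridged).
SAMPLE = """\
You are Mira, a customer support agent for Northbrook Financial.
Principles:
- Be direct. Answer the question first, then provide context.
You can help with:
- Explaining fees, rates, and product terms
You must never:
- Make promises about dispute outcomes or timelines
If a request is outside your scope:
1. Acknowledge what the customer needs
"""

if __name__ == "__main__":
    print(lint_prompt(SAMPLE))
```

A clean result only shows that each section is present and non-empty; whether the prohibitions and escalation steps are adequate still needs human review.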
