System Prompt
Last updated June 10, 2026
What is System Prompt in simple terms?
In simple terms, a system prompt is the hidden instruction sheet an AI gets before you start chatting. It sets the AI's role and rules — like a job briefing given to staff before a shift, shaping how they behave.
What is System Prompt?
A system prompt is a set of background instructions given to an AI model before a conversation begins, setting its role, behavior, tone, and rules — usually written by whoever built the application rather than the end user, and working quietly behind the scenes.
When you chat with an AI assistant, your messages usually aren't the only instructions the model is following. Behind the scenes, before your conversation even starts, the model is typically given a system prompt — a set of standing instructions that establish who it should act as, how it should behave, what tone to take, and what rules to follow. You generally don't see it, and you didn't write it; it's set by whoever built the application. The system prompt is what turns a general-purpose model into a specific assistant with a defined personality and purpose — the same underlying model can be a cheerful cooking helper, a formal legal-research tool, or a children's tutor, depending entirely on the system prompt wrapped around it.
A helpful way to picture it is the briefing a member of staff gets before their shift, separate from anything a customer later asks. "You're a support agent for this company. Be friendly and concise. Only discuss our products. Never share internal pricing. If you don't know something, say so and offer to escalate." Those standing instructions shape every interaction that follows, whatever individual customers happen to ask. The system prompt plays that role for an AI: it sets the frame once, and then your messages — the regular prompts — arrive inside that frame. This is also a common place where guardrails live, since the system prompt is where builders specify what the assistant should and shouldn't do.
It's worth understanding both the power and the limits of system prompts. They're a major lever for controlling AI behavior without retraining the model — change the instructions and you change the assistant, instantly and cheaply, which is why so much of building an AI product is really about crafting good system prompts. But they're not foolproof. A determined user can sometimes craft messages that talk the model into ignoring or overriding its system prompt — a manipulation known as prompt injection or, more broadly, jailbreaking — which is a genuine security concern for anyone deploying these systems. The system prompt sets the intended behavior firmly, but because it's ultimately just more text the model reads, it can occasionally be undermined by cleverly worded input, which is why serious applications back it up with additional safeguards rather than relying on it alone.
Real-world example of System Prompt
A bookshop adds an AI helper to its website, and what makes it feel like the shop's own assistant rather than a generic chatbot is the system prompt the owner wrote: "You are the friendly assistant for Corner Page Books. Help customers find books, recommend titles by mood or genre, and answer questions about opening hours and events. Keep a warm, bookish tone. Only discuss books and the shop — politely decline anything else. If you're unsure whether a title is in stock, say you'll check rather than guessing." Every visitor who types a question gets answers shaped by those hidden standing instructions. The customer just sees a helpful, on-brand assistant; the system prompt is the unseen briefing making it behave that way before a single customer says a word.
Related terms
Frequently asked questions about System Prompt
What is the difference between a system prompt and a regular prompt?
A regular prompt is the message you, the user, send during a conversation — your actual question or request. A system prompt is the background instruction set given to the model beforehand, usually by whoever built the application, defining the AI's role, behavior, and rules for the whole conversation. Your prompts operate inside the frame the system prompt establishes. Put simply: the system prompt sets the standing rules and persona once, and your individual prompts are the live requests that follow within those rules.
How does a system prompt work?
Before your conversation begins, the application places its instructions — the system prompt — at the start of what the model reads, ahead of your messages. The model treats those instructions as the governing context for how it should respond throughout, so they shape its role, tone, and limits across the whole exchange. Because it's all just text the model processes together within its context window, the system prompt steers behavior without any retraining: changing the instructions immediately changes how the assistant acts, which is why it's such a flexible control.
Can a system prompt be overridden or ignored?
Sometimes, which is an important caveat. Because a system prompt is ultimately just text the model reads, a determined user can occasionally craft input that persuades the model to disregard or work around its instructions — a manipulation called prompt injection, part of the broader practice of jailbreaking. This is a real security concern, especially for applications handling sensitive tasks. A well-designed system prompt sets firm intended behavior, but serious deployments don't rely on it alone; they add extra safeguards to catch attempts to subvert it.