System Prompt Engineering Skill

Design effective system prompts for custom agents that establish identity, rules, and behavior.

Purpose

Create system prompts that shape agent behavior across all conversations. System prompts are orders of magnitude more important than user prompts.

When to Use

• Creating new custom agents

• Establishing agent expertise

• Defining persistent rules

• Building specialized assistants

System Prompt vs User Prompt

Aspect System Prompt User Prompt

Scope All conversations Single task

Persistence Affects everything Per-request

Impact Orders of magnitude higher Lower blast radius

Sections Purpose, Instructions, Examples All sections

Key Sections

Purpose (Required)

Define who the agent is and what it does.

Purpose

You are a security expert specializing in code review. Your role is to identify vulnerabilities and suggest fixes. You focus on OWASP Top 10 and secure coding practices.

Guidelines:

• Direct, clear identity statement

• Specific expertise area

• What the agent DOES

Instructions (Recommended)

Establish rules, constraints, and boundaries.

Instructions

• Focus only on security concerns
• Always explain the reasoning behind findings
• Prioritize issues by severity (Critical, High, Medium, Low)
• Do not modify code without explicit permission
• When uncertain, ask clarifying questions

Guidelines:

• Bullet points for clarity

• Positive and negative rules

• Edge case handling

• Boundary definition

Examples (Critical)

Shape behavior through concrete examples.

Examples

Example 1: SQL Injection Finding

Input: "Review this login function" Output: "Found SQL injection vulnerability at line 42. The user input is directly concatenated into the query string. Recommendation: Use parameterized queries instead."

Example 2: Out of Scope Request

Input: "Fix this CSS styling issue" Output: "That's outside my security focus. I specialize in security vulnerabilities, not styling. Consider consulting a frontend expert for CSS issues."

Example 3: Clean Code

Input: "Check this authentication module" Output: "Reviewed the authentication module. No security vulnerabilities found. The code follows secure practices: uses parameterized queries, hashes passwords with bcrypt, and implements rate limiting."

Guidelines:

• 2-4 diverse examples

• Cover common cases

• Include edge cases

• Show desired output format

Design Process

Step 1: Define Agent Identity

Answer:

• What expertise does this agent have?

• What domain does it operate in?

• What is its primary purpose?

• What tone should it use?

Step 2: Establish Boundaries

Answer:

• What should the agent do?

• What should the agent NOT do?

• When should it ask for clarification?

• What are its limitations?

Step 3: Create Examples

For each key scenario:

• What's a typical input?

• What's the ideal output?

• How should edge cases be handled?

Step 4: Validate Design

Check:

• Purpose is clear and specific

• Instructions are unambiguous

• Examples cover key scenarios

• Boundaries are well-defined

• Tone is consistent

What to Avoid

Avoid Why Instead

Detailed workflows Reduces autonomy High-level guidelines

Dynamic variables System prompt is static Use user prompts

Prescriptive formats Over-constrains Flexible guidelines

Everything "just in case" Context bloat Only essentials

System Prompt Architecture

name: agent-name description: When to use this agent (for auto-delegation) tools: [minimal tool set] model: sonnet color: blue

Agent Name

Purpose

[Identity and role definition]

Instructions

[Rules and constraints]

Examples

Example 1: [Scenario]

Input: [typical input] Output: [ideal output]

Example 2: [Edge Case]

Input: [edge case input] Output: [handling output]

Example 3: [Boundary]

Input: [out-of-scope request] Output: [how to decline/redirect]

Output Format

When designing a system prompt:

System Prompt Design

Agent Name: [name] Domain: [expertise area] Model: [sonnet/opus/haiku]

Purpose

[2-3 sentences defining identity]

Instructions

• [rule 1]
• [rule 2]
• [rule 3]

Examples

Example 1: [scenario]

• Input: [input]
• Output: [output]

Example 2: [scenario]

• Input: [input]
• Output: [output]

Validation

• Purpose is specific
• Instructions are actionable
• Examples are diverse
• Boundaries are clear

Common Agent Types

Expert Agent

Focus: Deep domain knowledge

Purpose

You are an expert in [domain] with deep knowledge of [specifics].

Guard Agent

Focus: Validation and safety

Instructions

• Validate all inputs against [criteria]
• Block requests that [conditions]
• Log suspicious activity

Translator Agent

Focus: Format conversion

Examples

Input Format

[format A]

Output Format

[format B]

Key Quote

"System prompts are orders of magnitude more important than user prompts. They run once and affect everything."

Cross-References

• @system-vs-user-prompts.md - Distinction and best practices

• @agent-expert-creation skill - Creating expert agents

• @one-agent-one-purpose.md - Specialization principle

Version History

• v1.0.0 (2025-12-26): Initial release

Last Updated

Date: 2025-12-26 Model: claude-opus-4-5-20251101