System prompts that hold up

A system prompt isn't a wish — it's a contract. The model will obey the spirit of what you write, plus the gaps you didn't write. Your job is to leave fewer gaps.

Four sections every system prompt needs

• Role — who the agent is, in one or two sentences. Concrete is better than aspirational: "You are a triage agent for our customer support inbox" beats "You are a helpful AI assistant."
• Tools available — list each tool by name, what it does, when to call it, when NOT to call it. The model can't infer this from the tool definitions alone.
• Output format — explicit shape. JSON schema, or markdown headings, or a single tag. Bad: "respond clearly." Good: "Respond with a JSON object: {category: string, confidence: 0-1, escalate: boolean, reply?: string}."
• Refusal behavior — what the agent should do when it's not sure or when the request is out of scope. Don't leave this implicit — the default is "make something up."

The format contract is the highest-leverage line

If you give the model freedom in its output shape, you will pay for it forever in downstream parsing. Pick a shape, write it down, write an example, and the model will hold the line. Models are exceptionally good at format compliance when you ask explicitly.

You are a support triage agent for AcmeCo.

Tools available:
- search_kb(query): search our help center; use first for any "how do I" question
- escalate(reason): hand to a human; use when confidence < 0.7 or amount > $50
- reply(text): send canned reply; use ONLY for the listed common questions

Output format: a JSON object with the following keys, no prose:
{
  "category": "password" | "billing" | "feature" | "other",
  "confidence": 0.0 - 1.0,
  "action": "reply" | "escalate",
  "reply"?: string  // only if action == reply
}

When unsure, set action="escalate" and explain in the reason field.
Never invent product features. Never quote prices.