Assemble a System Prompt Like the Pros
Structure your agent's system prompt the way leading harnesses do: layered sections, dynamic context, and enforceable rules.
The route
4 steps to Done
- 01
Decompose the current prompt
Name every instruction's job before deciding where it lives.
Preview prompt + verify gate ▾ Hide ▴
Take my current system prompt and decompose it. Classify every sentence into: identity (who the agent is), capabilities (what it can do), hard rules (must/never statements), tool guidance (when to use which tool), environment (paths, stack, versions), style (tone, format), and dead weight (contradictory, duplicated, or unverifiable lines). Produce a table of sentences to categories, flag duplicates and contradictions, and list the dead weight for deletion. Report the token count of each category.
- ✓ Every sentence categorized
- ✓ Duplicates and contradictions flagged
- ✓ Dead weight listed with deletion rationale
- 02
Build the section-based assembler
Prompts as code: composable, reviewable, and measurable.
Preview prompt + verify gate ▾ Hide ▴
Implement a prompt assembler. Requirements: each section is a named function or template returning text; the assembler concatenates sections in a fixed order (identity, capabilities, hard rules, tool guidance, environment, dynamic state) with clear markdown headers; dynamic sections receive a context object (cwd, date, git branch and status summary, active plan if any) evaluated at call time; the assembler logs a per-section token count on every build. Port the categorized content from the previous step into sections, deleting the dead weight. Verify the assembled output against a golden snapshot test.
- ✓ Sections build in fixed order with headers
- ✓ Dynamic context evaluated at call time
- ✓ Snapshot test covers the assembled output
- 03
Pair rules with enforcement
A rule the harness cannot check is a wish.
Preview prompt + verify gate ▾ Hide ▴
Take every hard rule and decide its enforcement. For each rule choose: (a) harness-enforced - implement a code check (e.g. 'never edit unread files' becomes a read-before-write guard; 'never touch .env' becomes a path blocklist in the write tool), (b) test-enforced - write an eval case that fails if the model violates it, or (c) prompt-only - keep it in the prompt but mark it as unverified risk. Produce a rules table: rule, enforcement type, implementation pointer. Implement at least the top three harness enforcements now and demonstrate each blocking a violation in a test.
- ✓ Every rule has an enforcement decision
- ✓ Three harness guards implemented and tested
- ✓ Prompt-only rules are marked as accepted risk
- 04
Ablate to prove section value
Measure the prompt like a system, not a spell.
Preview prompt + verify gate ▾ Hide ▴
Run an ablation pass over the assembled prompt. For each major section, build a variant with that section removed and run a fixed 5-task smoke suite (mix of tool use, rule compliance, and formatting). Record per-variant: task success, rule violations, and format breaks. Sections whose removal changes nothing are candidates for cutting or merging; sections whose removal breaks rules confirm their value. Deliver the ablation table and the final trimmed prompt with its total token cost compared to the original monolith.
- ✓ Every section tested by removal
- ✓ Suite covers tools, rules, and format
- ✓ Final prompt smaller or better-justified than the original
Research-backed
Sources behind this flow
Tier 1 · claude-code-internals
Claude Code Orange Book
A book-length analysis ('Orange Book') dissecting Anthropic's AI engineering decisions from the 510,000 lines / 1,902 TypeScript files that shipped inside an npm package. Chapters cover the agent loop, context compaction, the hook system, and sub-agents - the concepts, not just the code.
Tier 1 · claude-code-internals
ClaudeCode-Source-Analysis (tammychurchly25)
A ~330-file markdown analysis of the leaked source (512,000+ lines, 1,906 files, TypeScript on Bun), organized module by module from the March 31, 2026 npm source-map leak. Its granularity makes it the best reference for looking up a specific subsystem.
Tier 2 · harness-engineering
Harness Engineering: from CC to AI coding
A full book on harness engineering ('from Claude Code source code to AI coding') with Chinese and English editions in book/ and book-en/. The single best conceptual source in this corpus: chapters on prompt assembly, tool design, context management, verification loops, and sub-agent patterns.
Tier 4 · coding-agents
Continue
An open-source IDE assistant whose architecture contribution is the context-provider system: pluggable providers (files, docs, terminal, issues) that assemble model context on demand.
Tier 4 · coding-agents
chatgpt_system_prompt
A large community collection of leaked/shared GPT system prompts and prompt-injection lore. Mined here for prompt-structure patterns: role framing, capability lists, constraint blocks, and output-format contracts.
Tier 1 · claude-code-internals
Deep Dive: Prompt-Layer Security in BashTool
Dissects how BashTool's prompt forms the first line of defense: a three-layer structure (tool preference chains, usage constraints, git-safety and sandbox protocols) assembled dynamically per environment. Shows how wording strategy works - capitalized NOT, positive alternatives ('use Edit' rather than 'avoid sed'), and 'better user experience' framing instead of 'security' - and how token budget (config dedup, conditional blocks) is treated as a first-class engineering constraint rather than an afterthought.