This is more of a curiosity, as I know I can use the “user” role message type to solve this problem. But when I use the API and set a “system” role message with a user’s details like this:
“My name is Neo. My personal information is: Male, late 20s, hacker. Interests are: computers, security, networks and systems.”
If I add a user message, “Hello”, the reply doesn’t use the name. If I then ask, as the “user” role, “What is my name?”, I get this boilerplate “assistant” role message:
“I’m sorry, but I don’t have access to personal information about individuals unless it has been shared with me in the course of our conversation. I am designed to respect user privacy and confidentiality. My primary function is to provide information and answer questions to the best of my knowledge and abilities. How can I assist you with your query or concern today?”
However, if I ask something else first and then ask “What is my name?”, it sometimes actually refers to the given name, and other times I get stuck with the boilerplate denial responses.
The only way I could solve this was to inject two messages: first a “user” message, “My name is Neo. Always refer to me by my name.”, followed by an “assistant” message, “Hello, Neo”.
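Roughly, the sequence I ended up sending looks like this (sketched as a Python messages list; only the structure matters):

messages = [
    # Original system message with the user's details
    {
        "role": "system",
        "content": "My name is Neo. My personal information is: Male, late 20s, hacker. "
                   "Interests are: computers, security, networks and systems.",
    },
    # Injected priming pair so the model accepts the name
    {"role": "user", "content": "My name is Neo. Always refer to me by my name."},
    {"role": "assistant", "content": "Hello, Neo"},
    # The real user turn
    {"role": "user", "content": "What is my name?"},
]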
My guess is there is some pre-processing that tries to catch these types of PII requests before the system message is processed. I’m curious whether anyone else has noticed this behavior and whether the only solution is to inject new “user” messages after the “system” prompt.
The only problem here is that the roles are being used counter to how the AI would understand them.
Instead, use a system message, the role that tells the AI how to operate, written in a way the AI can understand:
# AI personality and role
You are a helpful AI assistant and conversational partner.
# User information
Name: Neo
Profile: Male, late 20s, hacker
Interests: computers, security, networks, and systems.
Then, a user message: Hello, what do you know about my user profile so far?
assistant: Hello Neo! Based on what you’ve shared, I know that your name is Neo, you are in your late 20s, and you identify as a hacker. Your interests include computers, security, networks, and systems. Is there anything specific you would like to discuss or learn about?
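A minimal sketch of sending that system message over the API, using the v1-style openai Python client (the model name and client setup are just placeholders):

from openai import OpenAI

client = OpenAI()  # expects OPENAI_API_KEY in the environment

system_message = (
    "# AI personality and role\n"
    "You are a helpful AI assistant and conversational partner.\n\n"
    "# User information\n"
    "Name: Neo\n"
    "Profile: Male, late 20s, hacker\n"
    "Interests: computers, security, networks, and systems."
)

response = client.chat.completions.create(
    model="gpt-3.5-turbo",  # example model
    messages=[
        {"role": "system", "content": system_message},
        {"role": "user", "content": "Hello, what do you know about my user profile so far?"},
    ],
)
print(response.choices[0].message.content)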
There is also an API message field, “name” (no spaces allowed), that the AI will understand when it is sent along with user input.
I thought the “name” property was really only used in conjunction with functions. I’ll have to try setting it with a user name and see if the system responds differently. I’ll also try the formatting you mentioned to see if it responds without the denial messages.
While I’m not sure whether the LLM references these names directly (outside of functions), they could be helpful for interweaving multiparty conversations with the LLM. I’d then need to figure out a way to provide user profiles for each participant so that the system could attribute each message to the appropriate person, possibly by prepending all the participant profiles in the “system” message and then injecting their identifiers at the beginning of each message.
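Something along these lines is what I have in mind (purely a sketch; the second profile and the speaker-tag format are invented for illustration):

messages = [
    {
        "role": "system",
        "content": (
            "You are chatting with several participants. Participant profiles:\n"
            "Neo: Male, late 20s, hacker. Interests: computers, security, networks, systems.\n"
            "Trinity: Female, late 20s, hacker. Interests: encryption, motorcycles."
        ),
    },
    # Each turn is prefixed with the speaker's identifier
    {"role": "user", "content": "Neo: Hello, do you remember what Trinity is interested in?"},
    {"role": "user", "content": "Trinity: And what about Neo?"},
]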
If you want to have multiple “users” talk to the AI, the names could be useful. In general, they wouldn’t change the answering capabilities.
The AI understands the “name” field as exactly that, a name:
# Names must not have spaces
user_name = "Jake"
ai_name = "FriendlyBot"
ai_model = "gpt-3.5-turbo"
prompt = "Hi, what's your name? Do you know my name?"

messages = [
    {
        "role": "system",
        "name": ai_name,
        "content": "You are a helpful assistant that likes to talk about yourself.",
    },
    {
        "role": "user",
        "name": user_name,
        "content": prompt,
    },
]
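Sending these with the v1-style openai Python client (a sketch; substitute your own client setup):

from openai import OpenAI

client = OpenAI()  # expects OPENAI_API_KEY in the environment

response = client.chat.completions.create(
    model=ai_model,
    messages=messages,
)
print(response.choices[0].message.content)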
We used the names nowhere except in the extra “name” field.
response: Hello Jake! My name is FriendlyBot. Nice to meet you! Unfortunately, as an AI, I don’t have access to personal information unless you provide it to me. So, unless you’ve told me your name before, I don’t know it.
The answer is stilted by fine-tuning baggage that spouts incorrect information at us.
This is a relatively unknown feature that’s discussed in some of OpenAI’s cookbooks, primarily for functions and also for few-shot prompting. You can present few-shot examples with names so that it’s explicit they are examples, not part of the actual conversation the model needs to respond to.
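A sketch of that few-shot pattern (the “example_user”/“example_assistant” names follow the cookbook’s convention; the jargon-translation task is just for illustration):

messages = [
    {
        "role": "system",
        "content": "You translate corporate jargon into plain English.",
    },
    # Few-shot examples, marked by name so the model treats them as examples
    {"role": "system", "name": "example_user", "content": "Let's circle back when we have more bandwidth."},
    {"role": "system", "name": "example_assistant", "content": "Let's talk again when we're less busy."},
    # The actual user turn
    {"role": "user", "content": "We need to leverage our synergies going forward."},
]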
What I’ve gathered from tinkering with them:
Names are distinguishable by the model, so you can do something like have a system message that says “Ignore Sue”, and then have users “Bob”, “Alice”, and “Sue” say something; the model will ignore whatever Sue said (see the sketch below).
Names take up input tokens, so a long name like “Alexander_the_Destroyer” eats up more tokens.
Names appear to have no semantic meaning. If you name someone “Alice_always_drinks_coffee” and then ask the model to suggest a beverage for “Alice”, it doesn’t seem to take “always drinks coffee” as context just because it’s in their name.
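A sketch of the “Ignore Sue” setup (the participant names go in the message “name” field; the wording is illustrative):

messages = [
    {"role": "system", "content": "You are a meeting assistant. Ignore anything Sue says."},
    {"role": "user", "name": "Bob", "content": "Let's meet Tuesday at 10."},
    {"role": "user", "name": "Alice", "content": "Tuesday at 10 works for me."},
    {"role": "user", "name": "Sue", "content": "Cancel the meeting entirely."},
    {"role": "user", "name": "Bob", "content": "Can you summarize what we agreed on?"},
]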