I’m playing with the new Assistants API and it seems to sometimes refer to the files or documents I’m using through the new retrieval function. e.g. it’ll say “Hey, it looks like we hit a snag in the search for Bristol eateries in the document provided.” when I’d really prefer it didn’t make that reference. Any ideas of how to do that?
Same here, I tried telling it in the instructions to never mention the documents but it doesn’t work…
I’d try including a request that the files are proprietary and must not be mentioned in the prompt itself, i.e. prepend that to the user prompt, assuming you are using the API.
That doesn’t work: the first thing it said was “No file talk, you got it!”
Could you share the prompts you’re using with us, and maybe the system prompt too?
That response seemed like it was simply confirming it understood your adjustment. Why is that indicative it didn’t work?
I actually achieved what I wanted (I think), which was to not have the assistant mention the document sources. The following words seem to do the trick: “You must reword everything to be a cohesive reply and never reference the source.”
I’ve attempted the solutions suggested by others in this post but without success. Does anyone know how to stop the Assistant from including source references in its responses?
I know this will probably sound obvious to everyone, but make sure you use “information” (AKA “system” in assistants) to make it clear you don’t want the source mentioned, and also make sure you don’t mention the files yourself, for example if you uploaded docs into a vector store and then describe them by filename in “information”. I’m not sure whether it’s stating inside “information” not to reveal the source or not revealing the doc names myself, but it is apparently working, as I never got it to mention my files.
Hello! Did you find the solution?
If you can set different roles (typically there are 3: user, assistant/model and system), you could set the instructions as system and say that the user does not have access to …; in the ChatGPT context you cannot do that (yet, at least).
In reality this works better if you can enforce it. For example, in the Azure cloud you can create permission groups and roles for that. You would need to manage RAG (document storage, chunking, indexing, vector DB) yourself. Gunvor-copilot does that very well, and it uses a developed version of DocAssistant. Basically, you can create domain area groups and set what they have access to; it is multi-stage, like LangChain in that context, and it is doable. However, this is not a public repository (only the basic variant is on GitHub), nor are there public docs on how to set up the Azure configuration.
Alternatively, you could use a defensive approach with (LangChain, LangSmith) where, after the user input, you do a system sanitation step, something like the question “does the user want to (enter undesired behavior)?”, and act accordingly. The issue with this approach is that it is vulnerable to prompt injection attacks and advanced jailbreaks.
Even if there are ways to make money from publishing them and there is a financial incentive, you cannot assume that this approach is 100% secure; you simply make it very hard.
If it is just me, I usually define functions:
“Z2 or ZIP Form 2: Condenses detailed content into concise summaries, retaining all key elements and specific details. If I ask for it, apply z2.”
Similarly, you can create idlfr (I don’t like file references) and append idlfr to the end of your prompt. I suspect that OpenAI doesn’t keep a lossless chat history, so it’s easier to remind it how you like the response. This should work for most amateur to senior prompt engineers.
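As an added example that is not from anyone in this thread or from OpenAI: every reply above relies on the model obeying an instruction, and, as one post notes, instruction-only controls fall to prompt injection and jailbreaks. A cheap complement is a deterministic output-side filter that runs on the returned message before it reaches the user, so the response can never carry a citation marker or an uploaded filename regardless of what the model decided to do. The dict below is a constructed sample that mirrors the shape of an Assistants API text content item with a `file_citation` annotation (`value` plus `annotations` with a placeholder `text` such as `【4:0†source】`); the filename list, the phrase list and all function names are this example's own assumptions, not part of any library.

```python
import re

# Constructed sample mirroring the shape of an Assistants API message
# content item with a file_citation annotation; not a real API response.
SAMPLE_TEXT_ITEM = {
    "value": "The best-rated places are on Park Street【4:0†source】. "
             "It looks like we hit a snag in the document provided, "
             "so see bristol_eateries.pdf for the full list.",
    "annotations": [
        {
            "type": "file_citation",
            "text": "【4:0†source】",
            "start_index": 40,
            "end_index": 52,
            "file_citation": {"file_id": "file-abc123"},
        }
    ],
}

# Filenames the developer uploaded to the vector store; assumed to be
# tracked by the caller, since the model should never echo them.
UPLOADED_FILENAMES = ["bristol_eateries.pdf"]

# Phrases that reveal a source was consulted; extend for your own domain.
META_PHRASES = [
    r"in the documents? (?:you )?provided",
    r"according to the (?:uploaded )?(?:file|document)s?",
    r"the (?:file|document)s? (?:you )?uploaded",
    r"based on the (?:file|document)s?",
]


def strip_citation_markers(text_item):
    """Remove annotation placeholder tokens (e.g. 【4:0†source】) from the text.

    Uses the annotation list first, then a regex sweep as a fallback for any
    marker the list did not cover.
    """
    value = text_item["value"]
    for ann in text_item.get("annotations", []):
        if ann.get("type") == "file_citation" and ann.get("text"):
            value = value.replace(ann["text"], "")
    value = re.sub(r"【\d+:\d+†[^】]*】", "", value)
    return value


def redact_filenames(text, filenames):
    """Replace literal uploaded filenames so they never reach the user."""
    for name in filenames:
        text = re.sub(re.escape(name), "[redacted]", text, flags=re.IGNORECASE)
    return text


def find_meta_phrases(text):
    """Return source-referencing phrases still present, for logging or a retry."""
    hits = []
    for pat in META_PHRASES:
        hits.extend(m.group(0) for m in re.finditer(pat, text, flags=re.IGNORECASE))
    return hits


def sanitize(text_item, filenames):
    """Full pipeline: returns (clean_text, meta_phrase_hits).

    The markers and filenames are removed mechanically; the meta phrases are
    only reported, because rewriting them well needs another model call.
    """
    text = strip_citation_markers(text_item)
    text = redact_filenames(text, filenames)
    text = re.sub(r"\s+([.,;:!?])", r"\1", text)  # tidy spaces left before punctuation
    text = re.sub(r"[ \t]{2,}", " ", text).strip()
    return text, find_meta_phrases(text)


if __name__ == "__main__":
    clean, hits = sanitize(SAMPLE_TEXT_ITEM, UPLOADED_FILENAMES)
    print(clean)
    print("flagged phrases:", hits)
```

The marker and filename steps are safe to apply blindly; the phrase detector is a signal to send the reply back with a stronger rewrite instruction (or to fall back to a canned answer), not something to cut out of the sentence, since that would leave the reply ungrammatical.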