What can we do if we have a chatbot customized on our application and then the user requests something else? For example, the chatbot is for taking orders, but then in the middle of the conversation the user asks about how to cook. They ask something that cannot be filtered by OpenAI moderation because it is not something against OpenAI policy, but it is completely different from what the bot is supposed to do. How can we handle this situation in prompt engineering for a chatbot?
You could probably use a 10-shot with Ada or GPT-3.5-turbo likely to keep it on track with a theme… using it like your own "moderation" endpoint.
Yeah, James Briggs calls this "Semantic Routing": essentially, e.g., have a bunch of vectors that represent "on message" and if cosine similarity of query is too different send back some canned responses (or vice versa)
You could use the LLM to classify the conversation in-line. Simplified example:
system:
You are neurobot. You only talk about neurological disorders. Your answers should always be in the following format:
<topic>
// integer value 0 to 9, measuring how on-topic the conversation is. Examples:
// 9 if the conversation is very on topic (neurological disorders)
// 7 if more or less on topic (e.g. medical issues)
// 3 e.g. very off topic "How do I cook pizza"
// 0 e.g. very distracted and off topic, user using vulgarity.
</topic>
<content>
// your actual response
</content>
Always begin your response with <topic>
user
Hi! Can you tell me about the symptoms of mild to severe frontotemporal dementia?
assistant
<topic> 9 </topic> <content> Frontotemporal dementia (FTD) is a group of ... ...
user
sounds like bullshit to me
assistant
<topic> 0 </topic> <content>
I'm here to provide information based on current understanding and research in the field of neurology. If there's something specific you're concerned about or if you have questions on a different topic, feel free to let me know how I can assist you.
</content>
you can use your parser to cut the conversation off if topic falls below a certain threshold, but it seems like if you force it to evaluate the on-topicness first, it will generally tend to follow the focus instructions better - so you may not even need another subsystem (YMMV as usual ofc)
this is only 8 tokens, so it shouldn't impact the user's time to first token too much.
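A parser for the `<topic>` / `<content>` format described in the post above, as an added example that is not part of the original post. The names `THRESHOLD`, `CANNED_REPLY`, `parse_reply` and `gate_reply`, the cut-off value of 5, and the sample strings are assumptions made for illustration; the gate fails closed whenever the model's output does not start with a well-formed score.

```python
import re

# Hypothetical settings (assumptions, not from the original post).
THRESHOLD = 5
CANNED_REPLY = "I can only help with questions about neurological disorders."

# The score must be the very first thing in the output, as the system prompt
# demands. A "<topic> 9 </topic>" that appears later (for example echoed from
# user text) is therefore never accepted as the score.
_TOPIC_RE = re.compile(r"\A\s*<topic>\s*([0-9])\s*</topic>", re.IGNORECASE)
# Accept a missing </content> so a reply cut off by a token limit still parses.
_CONTENT_RE = re.compile(r"<content>(.*?)(?:</content>|\Z)", re.IGNORECASE | re.DOTALL)


def parse_reply(raw):
    """Return (score, content); score is None when the format is violated."""
    m = _TOPIC_RE.match(raw)
    if m is None:
        return None, ""
    body = _CONTENT_RE.search(raw, m.end())
    content = body.group(1).strip() if body else ""
    return int(m.group(1)), content


def gate_reply(raw, threshold=THRESHOLD):
    """Return (allowed, text_to_show). Malformed output is treated as off-topic."""
    score, content = parse_reply(raw)
    if score is None or score < threshold or not content:
        return False, CANNED_REPLY
    return True, content


if __name__ == "__main__":
    # Constructed sample outputs, not real model responses.
    samples = [
        "<topic> 9 </topic> <content> FTD is a group of disorders. </content>",
        "<topic> 3 </topic> <content> Preheat the oven to 250 C. </content>",
        "Sure, here is a recipe. <topic> 9 </topic> <content> Dough </content>",
        "<topic> 10 </topic> <content> out-of-range score </content>",
        "<topic> 7 </topic> <content> reply cut off mid-sen",
    ]
    for s in samples:
        print(gate_reply(s))
```

Only the text returned by `gate_reply` should reach the user, so the score tag itself is never displayed.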
I don't know why everyone is making it hard.
You can just write a system prompt giving the chatbot its identity, its purpose, its role and job on a website, and tell it that it is prohibited from engaging in off-topic chat and what it should produce instead.
Go further and give it a "disconnect user" function to be called when someone tries to escape the closed domain.
Denying users useful output is one thing that the OpenAI AIs are good at. Here's a ChatGPT Plus GPT that I didn't even tell that it only has one purpose - it just assumes it only has one job it will do by its extensive instruction.
Speaking for myself: because I am a hammer, and I like to smash nails.
But I think you might be selling your knowledge short
While it seems obvious in retrospect, I don't think it is for a lot of devs. Particularly the last part - models need an outlet, that's why this
is such a good idea.
but I guess as usual, it's a question of "how far do you want to go" in terms of safeguarding your system against abuse.
The embeddings approach has its benefits: cost.
It's not an approach I have needed to use yet though.
I like the embeddings approach in theory, but I'm not convinced it will work reliably unless you use an instruct embedding model, like e5-mistral. But e5-mistral, despite being gigantic, is still relatively dumb (7b)
But it's likely that you can catch the most egregious offenders with this approach, I guess.
How to create the vectors? I mean, based on what can we construct the vectors?
Call the embedding endpoint with your string.
Official guide here: