Prompt Engineering

Zero-shot to chain-of-thought, the anatomy of a great prompt, and the attacks every practitioner must recognize.

10 min read

Prompt engineering is crafting model inputs to get the outputs you want — the cheapest and fastest way to adapt a foundation model, because it requires no training at all. A well-engineered prompt states the role, task, context, examples, constraints, and desired output format.

Prompting techniques

TechniqueWhat it isWhen to use
Zero-shotJust the instruction, no examplesSimple tasks the model already handles well
One-shot / Few-shotInclude 1 or several worked examples in the promptTeach format, style, or tricky classifications without training
Chain-of-thought (CoT)Ask the model to reason step by step ("think step by step")Math, logic, and multi-step reasoning problems
Prompt templatesReusable prompts with variables filled per requestProduction apps needing consistency
Negative promptingExplicitly state what NOT to do or includeSteering away from unwanted content/styles
Exam tip

Count the examples: zero examples = zero-shot, a few examples = few-shot. "Explain your reasoning step by step" = chain-of-thought. These labels are tested almost verbatim.

Anatomy of a strong prompt

Key points

  • Role/persona — "You are an experienced tax accountant…"
  • Clear task — one specific instruction beats several vague ones.
  • Context — the background or data the answer must use.
  • Format specification — "Respond as a JSON object with fields…"
  • Constraints — length, tone, audience, what to avoid.
  • Iterate: prompt engineering is experimental — test, measure, refine.

Prompt attacks (know these!)

AttackWhat happens
Prompt injectionMalicious instructions hidden in user input (or in retrieved documents) hijack the model's behavior
JailbreakingCrafted prompts trick the model into bypassing its safety rules
Prompt leakingAttacker extracts the hidden system prompt or sensitive context
Watch out

Defenses: validate and sanitize user input, use Bedrock Guardrails, separate system instructions from user content, apply least-privilege permissions to what the model can access, and keep humans in the loop for sensitive actions.

Knowledge check
Question 1 of 4

A prompt includes three example email/label pairs before asking the model to classify a new email. Which technique is this?