# Topic 8: Prompt Strategy & Prompt Caching

**Audit Date**: 2026-02-01
**Auditor**: Agent Antigravity
**Scope**: Prompt Engineering & Efficiency

---

## 1. Prompt Architecture

The system uses **Jinja2 Templating** (`app/core/prompts.py`) to construct dynamic context while keeping the "System Instructions" static for caching.

### **Structure of a Prompt**

1. **Static Prefix (Cached)**:
    * `STATIC_SYSTEM_PREFIX`: "You are a honeypot..."
    * `SCAM_TAXONOMY`: The massive definition of 15+ scam types.
2. **Dynamic Context (Uncached)**:
    * `{{persona_name}}`, `{{history}}`, `{{message}}`.

---

## 2. Optimization Strategy

### **A. The "Mega-Taxonomy" Cache**

* **Problem**: The `SCAM_TAXONOMY` (regex definitions, keywords) is huge (2k+ tokens). Sending this every time is expensive.
* **Solution**: Since it is imported at the top of `prompts.py` as a constant string, compatible models (Groq) treat this as a **Cacheable Prefix**.
* **Effect**: Subsequent calls pay only for the `{{message}}` part, not the Taxonomy.

### **B. Neuro-Symbolic Injection**

* **Logic**: Instead of asking the LLM "What is the scam?", the **Scam Detector** (Regex) *tells* the LLM the scam type via the `{{scam_type}}` variable.
* **Result**: The LLM doesn't have to "think" about classification; it just has to "act", which reduces hallucinations and latency.

### **C. Self-Healing Fallbacks**

* **File**: `app/core/static_prompts.py`
* **Function**: If `prompts.py` fails to render (e.g., Jinja2 error), the system reverts to `STATIC_PROMPTS` (simple f-strings).
* **Reliability**: Guarantees the agent never stays silent due to a template error.

---

## 3. Key Prompt Templates

| Name | Role | Optimization |
| :--- | :--- | :--- |
| **`SCAM_DETECTION_PROMPT`** | Classification | Uses **Few-Shot** examples to enforce strict JSON output. |
| **`RESPONSE_GENERATION_PROMPT`** | Persona Acting | Injects **Persona Traits** directly to avoid "identity drift". |
| **`PHASE_GOALS`** | Strategy | Explicitly tells the model *what to achieve* (e.g., "Stall", "Extract"). |

## 4. Safety & Injection Defense

* **Sanitization**: `PersonaEngine` runs `PromptSanitizer.sanitize()` to strip "Ignore previous instructions".
* **Sandboxing**: The prompt explicitly limits the output scope ("Respond ONLY with...").
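
The layout from sections 1 and 4, as an added example that is not the project's code: the untrusted message is normalised and stripped before it enters the dynamic suffix, so the cached prefix stays byte-identical across calls. `sanitize`, `build_prompt`, the `<untrusted_message>` delimiter and the placeholder constant text are assumptions, and plain f-strings stand in for the Jinja2 templates.

```python
import re
import unicodedata

# Assumed stand-ins for the page's constants; their real text is not shown there.
STATIC_SYSTEM_PREFIX = "You are a honeypot persona. Respond ONLY with the persona's reply.\n"
SCAM_TAXONOMY = "[taxonomy placeholder]\n"
CACHED_PREFIX = STATIC_SYSTEM_PREFIX + SCAM_TAXONOMY  # never contains user data

# Zero-width and BOM characters that can split a phrase invisibly.
_INVISIBLE = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff"))
# The phrase named on the page, tolerant of case, spacing and "all"/"the".
_OVERRIDE = re.compile(
    r"ignore\s+(?:all\s+|the\s+)?previous\s+instructions[.!]*", re.IGNORECASE
)


def sanitize(text: str) -> tuple[str, bool]:
    """Return (clean_text, flagged). Hypothetical, not the real PromptSanitizer."""
    text = unicodedata.normalize("NFKC", text)  # fold fullwidth/compatibility forms
    text = text.translate(_INVISIBLE)           # drop invisible separators
    text = re.sub(r"\s+", " ", text).strip()    # collapse newlines and runs of spaces
    clean, hits = _OVERRIDE.subn("", text)
    # Neutralise angle brackets so the message cannot close its own block.
    clean = clean.replace("<", "&lt;").replace(">", "&gt;")
    return re.sub(r"\s+", " ", clean).strip(), hits > 0


def build_prompt(scam_type: str, message: str) -> tuple[str, bool]:
    """Static prefix first, then the untrusted message inside a delimited block."""
    clean, flagged = sanitize(message)
    dynamic = (
        f"Scam type: {scam_type}\n"  # set by the regex detector, not by the sender
        f"<untrusted_message>\n{clean}\n</untrusted_message>\n"
    )
    return CACHED_PREFIX + dynamic, flagged
```

A phrase denylist only catches wording it already knows, so the delimited block and the output restriction in the static prefix still carry the defense. The returned flag lets the caller log the attempt instead of dropping it silently.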