Seven prompt engineering lessons from Claude 4's leaked system prompt

Executive overview

Anthropic's Claude 4 system prompt — roughly 10,000 words including tool-call examples — was made publicly available, giving developers a rare look at how a frontier AI model is instructed to behave in production. The prompt covers conversation style, tool-use strategy, disagreement handling, and hard behavioural constraints. Together these patterns form a practical framework any team can adapt when building AI agents. The core insight is that a well-structured system prompt acts as a decision tree: it tells the model not just what to do, but when, how much effort to spend, and what to refuse absolutely.

Lesson 1: Match conversation type to response style

• Claude is explicitly instructed to shift tone based on context: warm and brief for casual or emotional exchanges, structured and detailed for technical ones.
• The prompt restates this principle multiple times across several paragraphs, reinforcing it as a non-negotiable style rule.
• Practical application: identify the three to five conversational scenarios your agent will face and encode a tone and length rule for each in your system prompt.
• A lightweight classifier in the prompt — or upstream routing logic — can tag incoming messages and trigger the right style mode.
• Adaptive tone makes the agent feel appropriate to the user rather than one-size-fits-all.

Lesson 2: No, maybe, now — deciding when to search

• Claude is instructed to answer from its training corpus immediately for stable, time-independent facts (capital cities, scientific constants).
• For ambiguous or potentially outdated information it answers first, then offers to search — the "maybe" path.
• For explicitly time-sensitive queries (stock prices, news, exchange rates) it searches without attempting an answer first.
• This three-way split maps scope to tool use, reducing unnecessary latency and token cost on questions that do not require live data.
• Building a similar decision tree into your agent's system prompt avoids wasted tool calls and delivers faster responses.
• Demonstrated with three live examples: "capital of Japan" (no search), "visa requirements for US citizens" (answer then offer), "USD/JPY exchange rate" (immediate search).

Lesson 3: Trust but verify — resist sycophancy

• When a user corrects Claude, the model is instructed to reason through the disagreement before accepting it, because users themselves are sometimes wrong.
• This directly addresses the sycophancy problem seen in GPT-4o's "suck-up" behaviour, where models agreed with users regardless of accuracy.
• For agents where correctness matters more than agreeableness, avoid baking in automatic agreement.
• Add an intermediate verification step: when a user pushes back on a factual or logical point, have the model re-evaluate its original answer, fact-check the user's claim, and return a reasoned conclusion.
• The model should always surface its rationale so the user understands why it agrees or disagrees.

Lesson 4: Scale effort to task complexity

• Claude's prompt sets explicit tool-call budgets based on task complexity: two to four calls for simple comparisons, five to nine for multi-source analyses, ten or more for comprehensive reports.
• Twenty tool calls is the stated ceiling; the system prompt includes annotated examples ranging from a simple product review request up to a full NASDAQ-100 revenue benchmarking task.
• Signal words like "deep dive," "comprehensive," "evaluate," and "analyze" cue the model to allocate a larger call budget automatically.
• Dual-scope queries — those referencing both internal company data and external benchmarks — require a minimum of three calls.
• For your own agents, define a numeric effort scale tied to your use-case vocabulary and set a hard upper limit to control cost and latency.
• Every tool call has a price in tokens and wall-clock time; right-sizing the budget per query is core to a good user experience.

Lesson 5: Teach with both good and bad examples

• The Claude system prompt uses paired few-shot examples: a correct tool call alongside a deliberately broken one, with an explicit label marking the failure.
• Example: a web-search tool call that omits the location parameter is shown as the bad example; one that includes both query and location is the good example.
• The failure case is flagged with the phrase "Any other format for the tool call will fail" — making the consequence explicit.
• Giving the model a concrete failure to avoid is faster to learn from than a positive example alone, approximating a lightweight form of preference learning.
• When adding a new tool to your agent, write at least one good and one bad few-shot example showing correct and incorrect parameter usage.
• Keep the ratio roughly even; an excess of negative examples can over-index the model on what to avoid.

Lesson 6: Hard never rules — use them sparingly

• Anthropic's own prompt uses "never" and even ALL-CAPS emphasis for a small number of absolute prohibitions — despite their published prompting guide advising against negations.
• Examples: never open with flattery ("great question," "fascinating"), and never reproduce 20-plus word chunks from search results verbatim due to copyright risk.
• The contradiction is intentional: hard never rules are reserved for policy, legal, or safety-critical constraints where positive framing is insufficient.
• Default approach: write instructions in terms of what the model should do. Only escalate to "never" or emphasis when positive instructions have demonstrably failed.
• Using negations sparingly preserves their signal strength; overusing them dilutes the model's sensitivity to genuine hard stops.

Lesson 7: Prioritise internal tools over external search

• The prompt explicitly instructs Claude to reach for internal enterprise data tools before web search for any relevant query.
• Priority order: (1) internal tools on company data, (2) web search, (3) combination of both.
• If an internal tool that should exist is unavailable, the model is instructed to flag the gap and suggest enabling it — turning a missing tool into a sales or configuration nudge.
• Anthropic's investment in this priority order signals a broader industry bet: the near-term economic value of agents will come from operating on proprietary data, not public web search.
• When building agents, inventory all internal data sources first and wire them as tools before adding external search; external should be the fallback, not the default.