Speaker

Sander Schulhoff

Sander Schulhoff is an AI researcher specialising in prompt engineering and adversarial robustness. He created the first prompt engineering guide on the internet (pre-ChatGPT) at learnprompting.org and ran the first and largest AI red-teaming competition (HackAPrompt; 600,000+ techniques collected; Best Theme Paper at EMNLP 2023 out of ~20,000 submissions). He leads research in collaboration with OpenAI, Google DeepMind, and Anthropic on adversarial attacks and defences. He is the author of The Prompt Report (76 pages, co-authored with OpenAI, Microsoft, Google, Princeton, Stanford; 1,500+ papers, 200+ techniques).


Key ideas

  • Artificial social intelligence. Prompt engineering is the skill of communicating effectively with AI systems — a form of social intelligence that grows in importance alongside, not inverse to, model capabilities.
  • Five prompting techniques. Few-shot (examples), decomposition (subproblems), self-criticism (generate → critique → rewrite), context injection, ensembling. Role prompting is explicitly deprecated — well-evidenced not to work on modern models.
  • Prompt injection is not solvable. Attack space is effectively infinite; human adaptive attackers break all defences in 10–30 attempts. “You can patch a bug, but you can’t patch a brain.”
  • Guardrails don’t work. Intelligence gap, infinite attack space, and near-zero dissuasion effect make guardrails a false confidence product — not a meaningful defence against determined attackers.
  • Architecture is the real defence. Least-privilege design, narrow task scope, and classical cybersecurity hygiene outperform AI-specific guardrail products. The right investment is hybrid cybersecurity + AI expertise.

Appearances

| Source | Date | Notes |
|---|---|---|
| Sander Schulhoff on Prompt Engineering and Red Teaming | ~2024 | Five prompting techniques; role prompting debunked; prompt injection intro; HackAPrompt; structural unsolvability |
| Sander Schulhoff on AI Security and Guardrails | ~2024 | Guardrails failure modes; intelligence gap; automated red teaming as sales tool; agentic security; architecture advice |

See also