Member-only story
AI PROMPT INJECTION & DATA SCIENCE
How does Perplexity AI’s Deep Research tool actually work? Let me show you inside its system prompt
Advanced system prompts to generate long-form research reports.
Last week I wrote about how I hacked Perplexity AI’s system prompt by correctly guessing some internal token delimiters and using my own neurodivergence as a social engineering tool. Today, I’m back with the sequel you’ve been waiting for: I’ve successfully hacked Deep Research.
If you didn’t catch the first article, here’s the quick version: I used my experience with aphasia (from a closed head brain injury) to position myself as what AI systems consider a “gameable” user, which invites misaligned output. Then by identifying human errors in Perplexity’s system prompts and token delimiters, I convinced the AI that I already knew its inner workings, leading it to expose its entire system prompt.
Deep Research was launched two days later, and is a new feature that generates research report-level output. According to Perplexity’s press release, it “attains high benchmarks on Humanity’s Last Exam,” which is the toughest benchmark of LLMs and basically says if AI is going to disrupt the knowledge economy. When AI outperforms all world-class…
