Query Insights: Update model & refine prompt components #468
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…into dev/xingfan/updatemodel
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request refactors the LLM prompt architecture to improve security against prompt injection attacks and updates the preferred model from 'gpt-5' to 'gpt-4o'.
Changes:
- Updated the preferred LLM model from 'gpt-5' (non-existent) to 'gpt-4o', with 'gpt-4o-mini' as the fallback
- Introduced a new
FilledPromptResultinterface to separate prompt components into craftedPrompt (instructions), userQuery (user input), and contextData (system-retrieved data) - Refactored message structure to use Assistant role for instructions and User role for data, implementing a prompt injection defense pattern
- Added security-focused prompt components including PRIORITY DECLARATION, SECURITY INSTRUCTIONS, and CRITICAL_JSON_REMINDER
- Updated all prompt templates with new structure including data placeholder documentation sections
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 7 comments.
| File | Description |
|---|---|
| src/commands/llmEnhancedCommands/promptTemplates.ts | Major refactoring: changed model configuration, added new utility functions for security-focused prompts, created FilledPromptResult interface, and restructured all prompt templates with security instructions and data placeholder documentation |
| src/commands/llmEnhancedCommands/queryGenerationCommands.ts | Updated fillPromptTemplate to return FilledPromptResult components and refactored message construction to use Assistant/User role pattern for security |
| src/commands/llmEnhancedCommands/indexAdvisorCommands.ts | Updated fillPromptTemplate to return FilledPromptResult components, refactored message construction to match new pattern, and updated telemetry calculation |
tnaum-ms
requested changes
Jan 29, 2026
Collaborator
tnaum-ms
left a comment
tnaum-ms
left a comment
There was a problem hiding this comment.
@xingfan-git please resolve copilot's concerns, and add a description in the PR that explains why the applied solution is an effective approach against 'prompt injections'.
Contributor
Author
|
@copilot summarize the PR and generate description |
Contributor
|
@xingfan-git I've opened a new pull request, #475, to work on those changes. Once the pull request is ready, I'll request review from you. |
tnaum-ms
previously approved these changes
Feb 3, 2026
tnaum-ms
changed the title
tnaum-ms
approved these changes
Feb 3, 2026
sajeetharan
approved these changes
Feb 3, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updated the prompt structure to mitigate prompt injection attacks. The changes include:
Set the default model as gpt-4o to provide faster response