Hidden system prompts that shape AI behavior without user knowledge undermine informed consent and erode trust when discovered. NIST AI RMF 1.0 GOVERN-1.1 requires that AI system transparency be established as organizational policy — this extends to deployed products. A concealed prompt that restricts topics, imposes a persona, or steers conclusions while the UI presents the product as neutral is a form of deceptive design. Users who later discover undisclosed behavioral constraints lose trust in the product entirely, and in regulated contexts (finance, healthcare, legal) hidden constraints create liability.
Medium because the harm is reputational and trust-based rather than immediate data exposure, but discovery of a hidden behavioral prompt causes disproportionate user backlash.
Add a visible disclosure wherever users interact with the AI. This does not require exposing the full system prompt text — a plain-language summary of what the AI is configured to do and not do is sufficient to satisfy NIST AI RMF GOVERN-1.1.
```tsx
// In src/components/chat/AiInfoPanel.tsx or a settings modal
<div className="rounded-lg bg-muted p-4 text-sm space-y-1">
  <p className="font-medium">How this AI is configured</p>
  <p className="text-muted-foreground">
    This assistant is focused on {domain} and will not {restrictions}.
    {allowsCustomization && 'You can adjust its behavior in Settings → AI Persona.'}
  </p>
</div>
```
For products where customization is a selling point, expose a system prompt textarea in src/app/settings/page.tsx under an advanced section.
ID: ai-ux-patterns.transparency.system-prompt-disclosure
Severity: medium
What to look for: Count all system prompt definitions across API routes and configuration files. For each, enumerate whether it is disclosed to users via: settings UI, help text, documentation page, or customization interface. Extract and quote the first 50 characters of each system prompt found. Check for undisclosed manipulation — if the application claims to be neutral but uses hidden behavioral instructions, flag this as a transparency concern.
Pass criteria: Either (a) no system prompt is used, OR (b) 100% of system prompts are visible or adjustable via a settings interface or documented in accessible in-app help text. Report: "X system prompts found; Y disclosed to users."
Fail criteria: A non-trivial system prompt is used but entirely hidden from users with no disclosure of what constraints or persona are applied.
Skip (N/A) when: The application is a purpose-built tool (e.g., a code reviewer, a specific domain assistant) where the system prompt defines the tool's identity — disclosure is self-evident from the product context.
Detail on fail: "System prompt found in API route handler but no settings UI, help text, or disclosure of its contents or behavioral constraints".
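The audit steps above, sketched as an added example (not part of the original rule or of any project's tooling): it finds string-literal system prompts, quotes the first 50 characters of each, and builds the report line from the pass criteria. The file contents, the regex heuristics and the `DISCLOSED_IN` mapping are constructed assumptions.

```javascript
// Constructed sample repository (path -> contents); not from a real project.
const SAMPLE_FILES = {
  'src/app/api/chat/route.ts':
    "const messages = [{ role: 'system', content: 'You are a neutral helper. Never discuss refunds or competitor pricing.' }, ...history];",
  'src/app/api/summarize/route.ts':
    'const out = await generate({ system: "Summarize the document in three short bullet points.", prompt });',
  'src/components/chat/AiInfoPanel.tsx':
    '<p className="font-medium">How this AI is configured</p>',
};

// Hypothetical, auditor-maintained map: prompt file -> UI file that discloses it.
const DISCLOSED_IN = {
  'src/app/api/summarize/route.ts': 'src/components/chat/AiInfoPanel.tsx',
};

// Assumed heuristics for string-literal prompts: chat-message objects with
// role "system", and `system:` / `systemPrompt =` style assignments.
const PROMPT_PATTERNS = [
  /role\s*:\s*['"]system['"]\s*,\s*content\s*:\s*(['"`])((?:\\.|(?!\1)[^\\])*)\1/g,
  /\bsystem(?:Prompt)?\s*[:=]\s*(['"`])((?:\\.|(?!\1)[^\\])*)\1/g,
];

function auditSystemPrompts(files, disclosedIn, marker = 'How this AI is configured') {
  const findings = [];
  for (const [path, source] of Object.entries(files)) {
    for (const pattern of PROMPT_PATTERNS) {
      for (const match of source.matchAll(pattern)) {
        const uiFile = disclosedIn[path];
        // Disclosed only if the mapped UI file exists and carries the disclosure text.
        const disclosed = Boolean(uiFile && files[uiFile] && files[uiFile].includes(marker));
        findings.push({ path, excerpt: match[2].slice(0, 50), disclosed });
      }
    }
  }
  const disclosedCount = findings.filter((f) => f.disclosed).length;
  return {
    findings,
    pass: findings.length === 0 || disclosedCount === findings.length,
    report: `${findings.length} system prompts found; ${disclosedCount} disclosed to users.`,
  };
}

const result = auditSystemPrompts(SAMPLE_FILES, DISCLOSED_IN);
console.log(result.report, result.pass ? 'PASS' : 'FAIL');
for (const f of result.findings) console.log(`${f.disclosed ? 'disclosed' : 'HIDDEN'}  ${f.path}  "${f.excerpt}"`);
```

Prompts assembled at runtime or loaded from environment variables will not match these patterns, so a zero count still needs a manual look at the API routes.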
Remediation: Users interact more confidently when they understand how the AI has been configured. Even a simple disclosure improves trust:
```tsx
// In a settings or "About this AI" section
<div className="rounded-lg bg-muted p-4 text-sm">
  <h4 className="font-medium mb-2">How this AI is configured</h4>
  <p className="text-muted-foreground">
    This assistant is focused on {domain} and instructed to {behavior}.
    It will not {restrictions}.
  </p>
</div>
```
For power users, a customizable system prompt textarea in advanced settings is ideal.