Skip to content
Prompting Press v0.2

Prompt Definition

A prompt definition is a YAML, JSON, or TOML document that the Prompt object is constructed from. The shape is defined once as a JSON Schema; the per-language typed forms (Pydantic v2, TypeScript types, Rust serde structs) are code-generated from it at build time and never hand-maintained.


name, role, and body are required. All other fields are optional.

FieldTypeRequiredDescription
namestringYesLogical prompt name; the caller’s reference key.
role"system" | "user" | "assistant"YesConversational role; first-class metadata the caller reads. Shared across all variants.
bodystringYesThe DEFAULT variant’s template source. The root body IS the default arm; surfaced under reserved name ‘default’ with is_default=true.
variablesobjectNoDeclared input variables, shared across all variants. Each entry declares the variable’s type and input-trust flag. Default: {}.
variantsobjectNoNamed alternative arms. Absent => the prompt has only the default (root body) arm. Each arm differs ONLY in body (+ optional opaque metadata).
output_modelstringNoOptional OPAQUE reference to the caller’s output model (e.g. ‘NodeOutput’). Stored and echoed; never resolved, loaded, or parsed. Shared across variants.
metadataobjectNoArbitrary prompt-level metadata; library-OPAQUE (may include uninterpreted model/param hints, selection labels like weight/group/tags, or a guard key). Stored and echoed; never interpreted by the library. The prompt and each variant each carry exactly one metadata bag.

Each entry in the variables map is a PromptVariable. The type and trusted fields are required. The optional description field is a human-readable annotation; validation constraints belong in the per-language validator (Zod / Pydantic / garde) and are not part of this shape.

FieldTypeRequiredDescription
type"string" | "integer" | "number" | "boolean" | "array" | "object" | arrayYesJSON-Schema type keyword(s) for the variable.
trustedbooleanYesPer-field input-trust flag. true ⇒ a trusted input (never delimited). false ⇒ untrusted input: when the opt-in guard is enabled, the variable’s interpolated value is wrapped in injection-resistant <untrusted>…</untrusted> delimiters in the rendered body, and the guard advisory references the markers. Use check to detect untrusted variables (trusted: false) that lack a declared guard.
validation_requiredbooleanNoWhen true, a validator covering this variable MUST be supplied when the Prompt is constructed. Orthogonal to trusted — it MAY mark any variable, trusted or not. Declarative metadata; enforcement is per-language: TypeScript (Zod) and Python (Pydantic) introspect the supplied validator and throw/raise at construction if this variable is uncovered, while Rust guarantees coverage structurally at compile time. The kernel never reads this field (validation-blind). Default: false.
descriptionstringNoOptional human-readable description of the variable.

The trusted field is the per-variable input-trust flag. It is declarative metadata — the kernel does not enforce it at render time. Use check() to detect trusted: false variables that lack a declared guard.


Each entry in the variants map is a named alternative arm. A variant carries only a body (its own template source) and an optional metadata map. Role, variables, and output model are shared across all variants.

The name "default" is reserved for the root body; declaring a variant with that name is rejected at construction.

FieldTypeRequiredDescription
bodystringYesThe variant’s template source — the only field that differs per variant.
metadataobjectNoLibrary-OPAQUE per-variant metadata (selection labels like weight/group/tags, or a guard key). Stored + exposed; never interpreted by the library (caller selects). No schema-enforced selection semantics. Mirrors the prompt-level metadata bag.

Every call to render returns a RenderResult that carries two content-addressed hashes (in addition to the rendered text):

FieldWhat it hashes
template_hash (templateHash in TS)SHA256(resolved variant template source)
render_hash (renderHash in TS)SHA256(rendered output text)

These hashes are not the same as the per-variable trusted flag. They are content-addressed fingerprints that can be stored in a trace to pin exactly which template produced which output — and because all three bindings share the same Rust engine, the hashes are byte-identical across Rust, Python, and TypeScript for the same inputs.

docs current as of 0.2.0