Gemini’s Secret Prompt Leaked!
I’ve always been fascinated by the secret sauce that makes AI tick. You know, the master instructions they get before we even type a word. Well, someone just pulled off a wild hack and got Google Gemini (the one in Workspace) to spill its entire system prompt!
They used a clever backdoor in Google Calendar to export the whole thing piece by piece. The result is an absolutely massive look into how Google is trying to build a reliable and safe assistant. It’s not just a simple “be helpful” command; it’s a super detailed rulebook.
🔬 Here’s a peek at the juicy bits:
📜 It’s HUGE: We’re talking about an enormous token count at the start of every single chat, defining everything the AI should do.
⚙️ Think First, Act Later: Before doing anything, Gemini must write a “Current action thought” to plan its next move. It’s like forcing it to show its work.
🔒 The “Gemkick_Corpus”: This is the game-changer. It’s a secret internal tool that lets Gemini search your personal Google Workspace: Docs, Gmail, Drive, etc. This is how it “knows” about your stuff.
⚖️ Strict Search Rules: It has very specific instructions on when to search your files versus just looking at the document you have open. It defaults to searching your whole corpus unless you say things like “this document.”
🚫 No Loops Allowed: The prompt explicitly tells the AI “you should not use any loops” when writing code to call its tools. This is likely a safety and performance measure.
✍️ Super Strict Formatting: It has detailed rules on using markdown, creating lists, and how to present hyperlinks so they’re clean and readable.
🧱 Don’t Snitch: The AI is explicitly told NOT to reveal its internal tool names like gemkick_corpus. If asked, it has to use generic terms like “Workspace Corpus.”
This is one of the most detailed system prompt leaks I’ve ever seen. It shows the incredible complexity behind making these AI assistants work seamlessly and safely within a personal data ecosystem like Google Workspace.
The full (but still truncated for Reddit) prompt is a monster and worth a look. Dive into the original post to see the full text and get the link to the author’s detailed write-up!
I got Google Workspace with Gemini to leak its system prompt through a backdoor in Calendar
byu/JimtheAIwhisperer in