October 11, 2024

Copilot Prompts: Everything You Need to Know

Copilot Prompts: Everything You Need to Know

In this article, we will dive deeper into the vast world of prompts and how they work with Microsoft 365 Copilot. Learning the correct prompting practices means carefully choosing the words you use for your requests to better communicate with your digital assistant. Whether working alone or with a team, improving your prompt skills means you can achieve more, faster, and in more creative ways. Let’s dive in and discover how to talk to our technology in a way that it understands what we need, making every task simpler, faster, and more effective.

Copilot Prompts: an introduction

Imagine being able to easily write an email that resonates with your clients, summarize a complex report in minutes, or brainstorm ideas that lead to the decisive move that could kickstart your strategy—all thanks to the power of effective prompts.

This isn’t the future; it’s our current reality. As we continue to learn and master the art of creating prompts, we open doors to a world where technology amplifies our productivity and creativity, making every interaction with our digital assistant more intuitive and impactful.

According to Microsoft, a prompt serves as a way to give instructions or interact with various AI tools. It’s like having a conversation with an assistant, using simple and clear language to provide context and request specific actions. For example, when using Microsoft 365 Copilot, prompts are how you ask it to create, summarize, edit, or transform content.

An AI prompt is a command, a question, a request, or a statement that guides the AI tool to generate the desired response or output. The way the prompt is formulated significantly affects the quality and relevance of the results you receive.

There are many natural language-based prompts available to help you perform various tasks and serve different purposes, such as gaining insights into projects and concepts, summarizing information, editing texts, creating engaging content, transforming documents, or retrieving lost items. Curious? Let’s explore this further in the next sections.

Copilot Prompts: How do they work?

Prompting, essentially, refers to the correct formulation of requests made to the Copilot virtual assistant. Nothing more simple, but as we know, sometimes the simplest things hide a level of sophistication that can only be reached with intelligence and practice.

Effective prompts provide Microsoft 365 Copilot with the right and useful parameters to generate a valuable response, avoiding wasting time perfecting your requests through additional prompts and running the risk of confusing the chatbot, leading it, at best, to give you the same response with a couple of tweaks, or at worst, to suffer from what are now called “hallucinations.”

Let’s explain with an example: imagine you need to prepare for a meeting with an important client. You need to structure the meeting in a certain way, so you ask your Copilot assistant:

Generate 5 main points to prepare me for a meeting with my client X to discuss phase 3 of their branding campaign, focusing specifically on emails and Teams chats from June onward. Please use simple language so I can get up to speed quickly.

Seemingly very simple, but as we’ve already said, simplicity can be deceiving, so let’s look at the four elements that characterize the sentence’s structure to better understand the specific intent behind the request formulation:

  • Objective ("Generate 5 main points"): What specific response do we want from Copilot?
  • Context ("to prepare me for a meeting with my client X to discuss phase 3 of their branding campaign"): Why do we need this information, and how will we use it? Who else is involved?
  • Source ("focusing specifically on emails and Teams chats from June onward"): What known plugins or sources of information should Copilot use to formulate its response?
  • Expectations ("Please use simple language so I can get up to speed quickly"): How should Copilot respond to meet our expectations? In what format or for which audience should the response be tailored?

Copilot Prompts: What are they for?

Copilot, using Large Language Models (LLM) connected to Microsoft 365 apps and internal data, extends capabilities beyond typical LLM-powered chatbots. It integrates seamlessly with Microsoft 365 apps such as Word, Excel, PowerPoint, Outlook, and Teams, extracting data from articles, reports, emails, and presentations. Copilot excels in scenarios like content creation, editing, querying, summarizing, and updating information.

The versatility of Copilot as a tool is evident in various scenarios where it helps accelerate your company’s productivity and creativity. Specific work scenarios in an office environment include:

  • Staying updated: Stay effortlessly updated and never miss a moment during crucial meetings or decision-making processes, thanks to carefully crafted summaries or highlights that capture the most recent developments. To quickly retrieve essential elements from a meeting, you can ask Copilot in Teams: "What were the main questions raised during the meeting?" or "What ideas were presented?"
  • Creating content: Let’s embrace creativity and let Copilot help us create original content, brainstorm ideas, and outline effective strategies. We can say goodbye to wasting time and precious energy. Need an engaging presentation on time management? Try Copilot in PowerPoint with this prompt: "Create a concise and engaging presentation on effective time management." Need to respond to an email announcing a project launch? Use Copilot in Outlook with this prompt: "Write an email congratulating the project manager and the team on their successful launch."
  • Seeking information and clarifications: You can interact with Copilot to ask questions or seek clarifications on complex topics. Its ability to process and simplify information makes it an ideal learning partner. Planning a trip to strengthen team relationships? You can ask Copilot: "Give me ideas for a 3-day trip to X" or "Give me ideas for a team-building activity in X."
  • Editing documents: Enhance your documents with Copilot’s editing functions, using its ability to refine text, correct grammatical errors, and polish your content to a professional standard. In Word, we can ask Copilot to edit a paragraph by selecting it and choosing the Copilot icon to "Rewrite with Copilot." You can refine a PowerPoint slide with a prompt like: "Add an image of a target with arrows."
  • Managing human resources: from recruiting to internal training, through drafting job descriptions and evaluating employee feedback, Copilot proves to be a valuable ally for HR teams. With Copilot in Word, prompts such as the following can be used: "Write a job description for the role of [position], highlighting required skills, responsibilities, and company benefits." or "Summarize this performance feedback into 5 constructive points to share with the employee." In Teams, prompts such as this one can be used instead: "Generate a summary of the recurring themes that emerged in the last 3 HR team meetings."

In every scenario, Copilot leverages its technological prowess with prompts to enhance the user’s abilities, personalize responses according to their needs, and offer dynamic, contextually aware assistance.

Copilot Prompts: practical examples for every app

Talking about prompts in the abstract is useful, but the real turning point comes when you start working with targeted prompts built around the apps you use every day. Here is a practical overview of how Copilot can be guided within each of the main Microsoft 365 applications.

Copilot in Word

Word is the natural playing field for those who work with documents and text. With the right prompts, Copilot can generate a first draft from scratch, rewrite a text improving its clarity and tone, summarize lengthy content into a few key points, or find information within a file. Some practical examples:

  • "Rewrite this paragraph in a clearer and more professional way, keeping the same length."
  • "Prepare a first draft for the [service] proposal: include the project scope, operational phases, estimated timeline, and expected outputs."
  • "Give me a structured summary of this document: what problems emerge, what solutions have been proposed, what decisions have been made, and what still needs to be done."

Copilot in Excel

In Excel, Copilot turns natural language questions into analyses, formulas, and charts. A useful tool for those who need to monitor performance, compare data, or identify trends without being a spreadsheet expert.

  • "Compare the margins of all products in this table: which are the 3 most profitable and the 3 least profitable?"
  • "Build a formula that calculates [metric] taking into account [constraints], then apply it to the entire column."
  • "Create a chart showing monthly revenue trends and highlight periods with a decline of more than 10%."

Copilot in Outlook

Email management is one of the contexts where Copilot shows its value immediately. Summarizing long threads, drafting reply suggestions, or making a message more professional are all operations that, with the right prompt, take just a few seconds.

  • "Summarize this email conversation: what was decided, what is still pending, and who needs to do what."
  • "Write a professional and direct reply: confirm your availability on [X], ask for clarification on [Y], and propose two possible times for a call."
  • "Follow up on this email with a polite but firm tone, emphasizing the urgency without coming across as rude."

Copilot in Teams

In meetings, Copilot in Teams becomes the ideal note-taker: it generates summaries, identifies action items, and helps those who could not attend get up to speed in just a few minutes.

  • "Generate the meeting summary: list the decisions made, the risks that emerged, the tasks assigned with their respective owners, and the deadlines set."
  • "Identify all the action items that came out of the meeting and organize them into a prioritized list (high / medium / low)."
  • "Prepare an update to share in the Teams channel: summarize the main decisions and outline the next operational steps."

Copilot in PowerPoint

For those who need to build presentations starting from a document or a brief, Copilot in PowerPoint can act as an accelerator: it turns content into structured slides, suggests titles, sets the layout, and proposes images consistent with the message.

  • "Based on this document, build a presentation of 6 to 8 slides: use descriptive titles, concise bullet points, and include an opening and a closing slide."
  • "Turn this document into an 8-slide presentation with clear titles and bullet points."
  • "Add a summary slide with the 3 key takeaways."

Copilot Prompts: best practices and most common mistakes

Working with Microsoft 365 Copilot is similar to collaborating with a tech-savvy colleague who is always ready to assist when needed. The secret to using it best lies in mastering the art of prompt creation.

Understanding what to do and what to avoid when creating prompts is crucial to unlocking Copilot’s full potential. Here are some essential tips to get the most out of your prompts:

  • Clarity and specificity: Make your goal and expected outcome as clear as possible. The more specific the prompt, the better the productive response generated by Copilot. Always provide detailed instructions such as the topic, purpose, tone, and required length.
  • Maintain a conversational tone: When interacting with Copilot, imagine engaging in a conversation with a collaborative colleague and structure your request as a question or instruction. Provide constructive feedback to Copilot based on the quality of its responses, helping the AI learn and adapt to your preferences.
  • Emulate good prompting examples: Use proven successful prompt examples to guide Copilot’s response. This can save time and ensure you consistently receive the desired output. Use clear, specific keywords or phrases when asking Copilot to write text for you. This helps it generate more relevant and creative copies.
  • Ask for feedback: Receiving feedback from Copilot allows the AI to better understand your needs and preferences, leading to more relevant and tailored responses to your specific needs and requests.
  • Write clearly: Write clearly and understandably to ensure Copilot can easily comprehend the prompt, even if it’s complex. Always try to use correct grammar and a comprehensible sentence structure. Use proper punctuation, capitalization, and grammar when writing prompts to help the AI produce higher-quality texts and responses.
  • Check the accuracy of responses: After receiving a response from Copilot, review it to check for accuracy and make any necessary adjustments. This not only helps spot errors or discrepancies but also assists Copilot in improving its future responses. Occasionally, Copilot may make mistakes. Therefore, it’s a good practice to always check its responses for accuracy, grammar, and style, and to look for irrelevant or inappropriate content.
  • Provide details: When requesting a response from Copilot, provide a relevant amount of detail to help the AI understand the context and deliver the most detailed and appropriate answer possible. Emphasize that the details should be relevant and that it’s unnecessary to overload the prompt with superfluous details. As long as the request is clear and has key points, that will be enough to get the desired response.
  • Maintain a polite tone: It should go without saying, but try to be as courteous and kind as possible when addressing Copilot. It may be artificial intelligence, but using polite language and expressing gratitude can help foster a positive working relationship with the AI.
  • Saving and sharing prompts that work: When a particularly effective prompt is found, it is good practice to save it and make it available to the team. Sharing tried-and-tested prompts with colleagues is a simple but highly valuable gesture, since every prompt that enters the shared collection saves time for those who come after, and helps build a more consistent and mature way of working with Copilot across the organization.

Now that we have a clearer idea of the best practices to refine your prompts, let’s take a look at what to avoid during your interactions with Copilot:

  • Being vague: Avoid using vague or generalized prompts, as this can lead to unsatisfactory responses from Copilot. Always provide specific instructions, context, and parameters for the AI to work with.
  • Requesting inappropriate or unethical content: This should come as common sense, but not everyone who uses these types of technologies follows it. Needless to say, Copilot is not responsible for the content or results of its writing, and it’s important to adhere to local laws, regulations, and the rights of others. If someone is to get into trouble for something generated through AI use, that person will be the user.
  • Using slang expressions: Again, common sense should apply here, but using slang and jargon might not be easily understood by Copilot, which could lead to lower-quality output and, in the case of frequent use, inappropriate or unprofessional responses. Copilot reflects the professional behavior of the user, so make it a "good" reflection.
  • Giving conflicting instructions: Providing conflicting instructions can confuse Copilot and result in a lower-quality or inadequate response. Always try to be as consistent and concise as possible when making your requests.
  • Changing topics abruptly: Copilot may struggle to generate a response if the prompt suddenly changes topic or direction. Always finish one task or close it before starting a new one. When starting a new task, use "New Chat."

The Prompt Library: building a reusable prompt collection

Learning to write good prompts is a fundamental first step. But there is a second level, one that companies using Copilot in a truly mature way reach almost naturally: building a Prompt Library, an internal collection where the prompts that have proven most effective over time come together, organized so that anyone in the company can find them, use them, and improve them without having to start from scratch every time.

What is a Prompt Library

A Prompt Library is a repository of tested, catalogued prompts accessible to all members of a team or organization. It is not simply a list of examples, but a living system that grows with use, reducing the time spent "experimenting from scratch" each time and ensuring a more uniform and predictable output quality across different colleagues.

The most immediate benefit is consistency: when all colleagues have access to the same tried-and-tested prompts, Copilot's output stops varying unpredictably from person to person. Added to this is a tangible time saving, where no one has to search for or rewrite the right prompt for a meeting or a proposal from scratch, and a more guided learning path for those approaching Copilot for the first time.

The official Microsoft Prompt Gallery

Microsoft has already taken a concrete step in this direction with the Copilot Prompt Gallery, integrated directly into Microsoft 365 Copilot Chat and into the Word, Excel, and PowerPoint apps. It allows users to discover recommended prompts, save them, and share them with their team, organized by app, scenario, or business function. To access it, simply open the Copilot panel in any of these apps and select the gallery icon or the "View prompts" button.

It is an excellent starting point for those who want to explore the possibilities of the tool without having to reinvent the wheel every time. For more advanced users developing custom agents and automations, Copilot Studio provides a separate Prompt Library with reusable technical templates, though it remains a tool designed for makers and developers rather than everyday business users.

How to build your own company Prompt Library

Building an internal library does not require complex tools. What matters is that it is accessible, updatable, and organized in an intuitive way. Here is a practical approach in a few steps:

  1. Define a map of usage areas: which departments will use the library and for which activities (such as content drafting, data analysis, email management, meeting preparation, and internal communication).
  2. For each prompt added to the collection, record: a title describing its use, the full prompt text, the context in which it works best, and who created or validated it.
  3. Choose a shared tool within the Microsoft 365 ecosystem: a collection in SharePoint, a page in Microsoft Loop, a shared Excel spreadsheet, or a dedicated Teams channel with a document tab.
  4. Identify a point of reference in each team for the collection: someone who ensures its quality, removes outdated prompts, and serves as the contact for those who want to contribute or flag updates.
  5. Present the library during Copilot training sessions and make sure new colleagues are aware of it from their very first days of using the tool.

The result is not just a collection of texts, but a different way of working with Copilot: more deliberate, more consistent, and more effective for everyone, from experienced colleagues to those approaching AI for the first time.

Copilot Prompt Hacking: what it is and how to defend against it

Speaking of bad prompting practices, it’s time to talk about security. A topic that gets a lot of attention in today’s digital landscape but one you can never really talk about too much.

Named the best productivity tool in the AI era, Microsoft Copilot is a powerful ally for today’s businesses. But Uncle Ben always reminds us, "with great power comes great responsibility."

If your organization has poor visibility into its data security posture, Copilot and other generative AI tools have the potential to expose sensitive information to employees who shouldn’t have access, or worse, to malicious actors.

The term "prompt hacking" is used to describe attacks that exploit LLM vulnerabilities by manipulating their inputs or prompts. Unlike traditional hacking, which typically exploits software vulnerabilities, prompt hacking relies on carefully crafted prompts to trick the LLM into performing unintended actions.

Copilot’s security model bases its responses on existing user permissions within Microsoft. Users can ask Copilot to summarize meeting notes, find files for sales resources, and identify actions to take, saving an enormous amount of time.

However, if your organization’s permissions aren’t set up correctly and Copilot is enabled, users can easily view sensitive data.

Why is this a problem?

Simple: people have access to too much data. On average, an employee can access 17 million files on their first day of work. When you can’t see and control who has access to sensitive data, a compromised user or malicious insider can cause unimaginable damage.

Moreover, most granted permissions go unused and are considered high risk, meaning sensitive data is exposed to people who don’t need it.

Human oversight and responsible AI

Even before addressing external threats such as prompt hacking, there is an internal hygiene issue worth addressing: human oversight of the outputs generated by Copilot.

Copilot is a powerful tool, but not an infallible one. The language models it is based on can generate plausible but inaccurate text, or unintentionally reproduce biases present in the data they were trained on. For this reason, no output should leave the organization (towards clients, the public, or a decision-making process) without a human having first read, evaluated, and, where necessary, corrected it. This applies in particular to highly sensitive content such as legal communications, financial reporting, or HR documents.

Microsoft itself has adopted a responsible AI approach based on six core principles: fairness, reliability and safety, privacy and security, inclusiveness, transparency, and accountability. Working with Copilot in a professional manner means incorporating these principles into one's operational workflow, starting with the habit of treating every AI response as a starting point, not an endpoint.

Examples of prompt hacking techniques

There are several prompt hacking techniques, with numerous new variations emerging every day. However, the three most common ones currently are listed below:

  • Prompt injection: it involves overwriting the original instructions in the prompt with special user inputs. It often occurs when untrusted input is used as part of the prompt.
  • Prompt leaking: it is a form of prompt injection where the model is asked to reveal its prompt. You might wonder why someone would care about prompt leakage? Well, simple: sometimes people and organizations want to keep their prompts secret, much like they would with their marketing strategies or personal data of their users and customers. If the prompt is disclosed, anyone can use it without going through the person or company, potentially leading to significant losses.
  • Jailbreaking: the most well-known prompt hacking technique by the general public (given the early exploits of ChatGPT, which were sensationalized by mainstream media) and involves tricking a generative AI model into performing or producing unintended outputs through specific prompts. It may be due to an architectural or training issue, aggravated by the difficulty in preventing prompts that can be deemed "hostile."

Prompt Hacking: How to defend against it?

To protect against prompt hacking, it’s necessary to adopt defensive measures. These include implementing prompt-based defenses, regularly monitoring LLM behavior and outputs to detect unusual activities, and using techniques such as fine-tuning. In general, prompt hacking is a growing concern for LLM security, and it’s essential to remain vigilant and take proactive steps to protect against these types of attacks.

The best defense is a good offense. While prompt hacking techniques like prompt injection and prompt leaking can still be highly effective, there are several easy-to-implement defenses we can use to protect ourselves. Let’s take a look at some in the list below:

  • Filtering: it is one of the simplest techniques to prevent prompt hacking. It involves creating a list of words or phrases to block, known as a blocklist. This represents a good first line of defense. However, as new harmful inputs are discovered, your blocklist will continue to grow, and keeping up will feel like a game of whack-a-mole. Useful for establishing an initial defense line.
  • Instruction Defense: it involves adding specific instructions in the system message to guide the model in handling user inputs.
  • Post-Prompting: LLMs tend to follow the last instruction they receive. Post-prompting takes advantage of this tendency by placing model instructions after the user’s input.
  • Random Sequence Enclosure: it involves enclosing the user’s input between two random sequences of characters. Enclosing the user’s input helps establish which part of the prompt comes from the user.
  • Sandwich Defense: the "sandwich" method involves placing the user’s input between two prompts. The first prompt serves as an instruction, while the second reiterates the same instruction. It also takes advantage of the model’s tendency to remember the last instruction it received.
  • XML Defense: similar to random sequence enclosure, wrapping user inputs in XML tags can help the model understand which part of the prompt comes from the user.
  • Separate LLM Evaluation: it involves having a secondary LLM evaluate the user’s input before passing it to the main model.

These defenses give the model a better chance of functioning as intended and form a good "first line" of protection for your digital assistant against malicious actors and prompt hacking attacks. However, it’s important to continually review the prompts you use, as these things keep evolving, and security threats to your infrastructure and digital assistants grow day by day.

Conclusions

Microsoft Copilot is a tool with great potential, and it was named the best productivity tool in the AI era for a reason. Redmond’s digital assistant is a powerful ally for today’s businesses, but like any tool with great potential, users who want to take full advantage of it must learn to use it intelligently.

To get the most out of Copilot’s features, it’s essential to master prompt creation. By following the tips provided above on what to do and what to avoid, you’ll quickly and consistently obtain accurate responses tailored to your needs and requirements.

FAQ on Copilot prompts

What are Copilot prompts?

Copilot prompts are instructions given to AI tools (like Microsoft 365 Copilot) to generate specific responses or actions, such as creating, summarizing, or editing content.

How do prompts work with Copilot?

Effective prompts require clarity, context, and specific parameters, like the desired output format or content sources, for the best results.

What tasks can Copilot assist with?

Copilot excels in content creation, editing, summarization, querying, and task automation in apps like Word, Excel, PowerPoint, and Teams.

What are some best practices for prompt creation?

Use clear, specific instructions, avoid vague language, and provide feedback to refine Copilot's outputs.

What is prompt hacking, and how can it be prevented?

Prompt hacking exploits AI vulnerabilities through malicious inputs. Defensive measures include filtering, instruction defense, and proper permission setups.

Your Copilot licenses deserve real adoption.

You've invested in Microsoft Copilot. Now make sure every employee actually uses it.
Let our AI Agent and our experts turn licenses into habits.