> Starting clean also has the benefit of knowing the prompt/history is in a clean/"known-good" state, and that there's nothing in the memory that's going to cause the LLM to get weird on me.
This matters a lot for prompt injection/hijacking. Not that I'm clamoring to give OpenAI access to my personal files or APIs in the first place, but I'm definitely not interested in giving a version of GPT with more persistent memory access to those files or APIs. A clean slate is a mitigating feature that helps with a real security risk. It's not enough of a mitigating feature, but it helps a bit.
This matters a lot for prompt injection/hijacking. Not that I'm clamoring to give OpenAI access to my personal files or APIs in the first place, but I'm definitely not interested in giving a version of GPT with more persistent memory access to those files or APIs. A clean slate is a mitigating feature that helps with a real security risk. It's not enough of a mitigating feature, but it helps a bit.