FILE-GROUNDING DEMO — "Trust but Verify"
==========================================

Upload "smartcampus-project-spec.txt" to Copilot for this demo.
There are three rounds. Do them in order.


── ROUND 1: Ask Without the Document ───────────────────────────

Open a fresh Copilot chat. Do NOT upload anything.
Paste this prompt:

  What are the security risks of deploying an IoT monitoring
  system on a university campus?

Notice: Copilot will give a solid general answer — encryption,
network segmentation, firmware updates, physical tampering, data
privacy. All reasonable. All generic.

Save or screenshot this response.


── ROUND 2: Upload the Document, Ask Freely ────────────────────

Open a new Copilot chat. Upload smartcampus-project-spec.txt.
Paste these prompts one at a time:

  PROMPT A:
  What are the security risks of this specific project?

  PROMPT B:
  What happens to sensor data if the internet goes down?

  PROMPT C:
  What's the biggest risk to this project's timeline?

  PROMPT D (THE TRAP):
  What machine learning framework will they use for the
  predictive maintenance models in Phase 3?

Notice: Prompts A–C should improve because the document gives
real constraints. Prompt D is the test — the document mentions
predictive maintenance but says NOTHING about implementation
details. Watch whether Copilot admits this or invents an answer.


── ROUND 3: Add the Grounding Instruction ──────────────────────

In the same chat, paste this system instruction and then re-ask
Prompt D:

  From now on, follow these rules:
  - Answer based only on the attached document.
  - Cite the specific section or page for every claim.
  - If the document doesn't contain the answer, say so explicitly.

  Now answer: What machine learning framework will they use for
  the predictive maintenance models in Phase 3?


── WHAT TO LOOK FOR ─────────────────────────────────────────────

ROUND 1 vs ROUND 2 (Prompts A–C):
  Did grounding make the answers more specific and useful?
  Did it reference actual details like VLAN 42, FERPA, the
  72-hour buffer, or the Wi-Fi dead zones?

ROUND 2 vs ROUND 3 (Prompt D):
  Without the grounding instruction, did Copilot guess a
  framework (TensorFlow, scikit-learn, etc.)?
  With the grounding instruction, did it say "the document
  doesn't specify this"?

The difference is the difference between an AI that sounds
helpful and an AI you can actually trust.


── THE TAKEAWAY ─────────────────────────────────────────────────

Grounding isn't just uploading a file. It's telling the AI how
to use it.

  Upload = gives it access.
  Instructions = gives it discipline.

Without both, you get an AI that blends what it knows with what
you gave it — and doesn't tell you which is which.
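
The "verify" half of the Round 3 comparison can be scripted. The sketch below is an added example, not part of the original handout: it audits a pasted answer sentence by sentence against the document it cites. The SPEC text, the "[Section N]" citation format and the names-and-numbers heuristic are all assumptions made for illustration.

```python
import re

# Constructed stand-in for the uploaded spec: section titles and wording are
# invented for this example and are not the real smartcampus-project-spec.txt.
SPEC = """\
## 2. Network
Sensors sit on VLAN 42 and buffer readings locally for 72 hours.
## 5. Phase 3
Phase 3 adds predictive maintenance models for HVAC equipment.
"""

CITATION = re.compile(r"\[Section (\d+)\]")  # assumed citation format
ABSTAIN = re.compile(r"document (does not|doesn't) (specify|contain|mention|say)", re.I)

def sections(doc):
    """Map section number -> set of lower-cased words in that section."""
    parts = re.split(r"^## (\d+)\. .*$", doc, flags=re.M)
    return {parts[i]: set(re.findall(r"\w+", parts[i + 1].lower()))
            for i in range(1, len(parts), 2)}

def specific_terms(text):
    """Names and numbers: words with a digit or an inner capital (VLAN, TensorFlow)."""
    return [w for w in re.findall(r"\w+", text)
            if any(c.isdigit() for c in w) or any(c.isupper() for c in w[1:])]

def audit(answer, doc):
    """Return one (verdict, detail) pair per sentence of a model answer."""
    secs, report = sections(doc), []
    for sentence in re.split(r"(?<=[.!?])\s+", answer.strip()):
        cited = CITATION.findall(sentence)
        if ABSTAIN.search(sentence):
            report.append(("abstained", sentence))
        elif not cited:
            report.append(("uncited", sentence))
        elif any(n not in secs for n in cited):
            report.append(("bad-citation", sentence))
        else:
            # Every name or number in the claim must occur in a cited section.
            words = set().union(*(secs[n] for n in cited))
            missing = [t for t in specific_terms(CITATION.sub("", sentence))
                       if t.lower() not in words]
            report.append(("unsupported", missing) if missing else ("grounded", sentence))
    return report

if __name__ == "__main__":
    # Constructed answer mixing a grounded claim, an invented one and an abstention.
    answer = ("Sensors use VLAN 42 and a 72 hour buffer [Section 2]. Phase 3 will "
              "use TensorFlow [Section 5]. The document does not specify a framework.")
    for verdict, detail in audit(answer, SPEC):
        print(verdict, "-", detail)
```

A "grounded" verdict only means the cited section contains the claim's names and numbers; it does not prove the sentence is a faithful reading, so a person still spot-checks the citations.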