Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Rogue Agents - Stop AI from misusing APIs
Search
Dominik Kundel
PRO
January 23, 2024
Programming
0
240
Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
PRO
January 23, 2024
Tweet
Share
More Decks by Dominik Kundel
See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
39
AI for Marketers Sept '24 - How AI Agents will change your
dkundel
PRO
0
230
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
180
AI Engineer World's Fair '24 - Cooking with Fire without
dkundel
PRO
0
200
SIGNAL 2021 - Live Developer Mode
dkundel
PRO
0
170
OpenJS World - What the AST?
dkundel
PRO
0
460
WFHConf - Move to TypeScript at your own Pace
dkundel
PRO
0
320
SFNode '20 - How to move your project to TypeScript
dkundel
PRO
0
330
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
dkundel
PRO
0
360
Other Decks in Programming
See All in Programming
テスト駆動Kaggle
isax1015
0
210
코딩 에이전트 체크리스트: Claude Code ver.
nacyot
0
360
0626 Findy Product Manager LT Night_高田スライド_speaker deck用
mana_takada
0
180
High-Level Programming Languages in AI Era -Human Thought and Mind-
hayat01sh1da
PRO
0
780
MDN Web Docs に日本語翻訳でコントリビュートしたくなる
ohmori_yusuke
1
130
Webの外へ飛び出せ NativePHPが切り拓くPHPの未来
takuyakatsusa
2
560
NPOでのDevinの活用
codeforeveryone
0
840
PostgreSQLのRow Level SecurityをPHPのORMで扱う Eloquent vs Doctrine #phpcon #track2
77web
2
530
git worktree × Claude Code × MCP ~生成AI時代の並列開発フロー~
hisuzuya
1
580
Agentic Coding: The Future of Software Development with Agents
mitsuhiko
0
110
AI時代のソフトウェア開発を考える(2025/07版) / Agentic Software Engineering Findy 2025-07 Edition
twada
PRO
89
30k
初学者でも今すぐできる、Claude Codeの生産性を10倍上げるTips
s4yuba
16
11k
Featured
See All Featured
Intergalactic Javascript Robots from Outer Space
tanoku
271
27k
Visualization
eitanlees
146
16k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.5k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
181
54k
Six Lessons from altMBA
skipperchong
28
3.9k
The Pragmatic Product Professional
lauravandoore
35
6.7k
Code Review Best Practice
trishagee
69
19k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.4k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
248
1.3M
Measuring & Analyzing Core Web Vitals
bluesmoon
7
510
Side Projects
sachag
455
42k
Transcript
Rogue Agents Stop AI from misusing APIs TechTalks SF -
Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel dkundel@twilio.com github/dkundel
Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
How can we have AI safely interact with APIs? Dominik
Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
Dominik Kundel | @dkundel How to connect AI to APIs
Platforms Frameworks Native LLM Functions 🦜🔗
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
What’s the problem? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Unpredictable Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Easily Impressionable
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Rules are “suggestions”
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily
Impressionable Rules “suggestions”
Dominik Kundel | @dkundel
How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
What security measures? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Data Validation
Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting
Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate
Limiting
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Authorization
Dominik Kundel | @dkundel Security Measures Authorization Least Privilege
Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi
dential & unnecessary data Least Privilege
Dominik Kundel | @dkundel Do threat modeling!
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!
console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel dkundel@twilio.com github/dkundel
d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |