Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Rogue Agents - Stop AI from misusing APIs
Search
Dominik Kundel
January 23, 2024
Programming
0
210
Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
January 23, 2024
Tweet
Share
More Decks by Dominik Kundel
See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
0
12
AI for Marketers Sept '24 - How AI Agents will change your
dkundel
0
180
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
0
130
AI Engineer World's Fair '24 - Cooking with Fire without
dkundel
0
160
SIGNAL 2021 - Live Developer Mode
dkundel
0
150
OpenJS World - What the AST?
dkundel
0
430
WFHConf - Move to TypeScript at your own Pace
dkundel
0
300
SFNode '20 - How to move your project to TypeScript
dkundel
0
310
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
dkundel
0
340
Other Decks in Programming
See All in Programming
『品質』という言葉が嫌いな理由
korimu
0
160
Domain-Driven Transformation
hschwentner
2
1.9k
iOSエンジニアから始める visionOS アプリ開発
nao_randd
3
130
ファインディLT_ポケモン対戦の定量的分析
fufufukakaka
0
690
バックエンドのためのアプリ内課金入門 (サブスク編)
qnighy
8
1.8k
昭和の職場からアジャイルの世界へ
kumagoro95
1
370
AWS Organizations で実現する、 マルチ AWS アカウントのルートユーザー管理からの脱却
atpons
0
150
Ruby on cygwin 2025-02
fd0
0
140
Spring gRPC について / About Spring gRPC
mackey0225
0
220
社内フレームワークとその依存性解決 / in-house framework and its dependency management
vvakame
1
560
Honoをフロントエンドで使う 3つのやり方
yusukebe
7
3.2k
SpringBoot3.4の構造化ログ #kanjava
irof
2
990
Featured
See All Featured
The Language of Interfaces
destraynor
156
24k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
27
1.6k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Java REST API Framework Comparison - PWX 2021
mraible
28
8.4k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.1k
Build The Right Thing And Hit Your Dates
maggiecrowley
34
2.5k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
40
2k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
45
9.4k
Writing Fast Ruby
sferik
628
61k
Art, The Web, and Tiny UX
lynnandtonic
298
20k
A designer walks into a library…
pauljervisheath
205
24k
The Cult of Friendly URLs
andyhume
78
6.2k
Transcript
Rogue Agents Stop AI from misusing APIs TechTalks SF -
Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel
[email protected]
github/dkundel
Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
How can we have AI safely interact with APIs? Dominik
Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
Dominik Kundel | @dkundel How to connect AI to APIs
Platforms Frameworks Native LLM Functions 🦜🔗
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
What’s the problem? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Unpredictable Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Easily Impressionable
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Rules are “suggestions”
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily
Impressionable Rules “suggestions”
Dominik Kundel | @dkundel
How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
What security measures? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Data Validation
Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting
Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate
Limiting
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Authorization
Dominik Kundel | @dkundel Security Measures Authorization Least Privilege
Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi
dential & unnecessary data Least Privilege
Dominik Kundel | @dkundel Do threat modeling!
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!
console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel
[email protected]
github/dkundel
d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |