Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel Dominik Kundel PRO
January 23, 2024
Programming
0
280

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel

Dominik Kundel PRO

January 23, 2024
Tweet

More Decks by Dominik Kundel

See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
100
AI for Marketers Sept '24 - How AI Agents will change your
Avatar for Dominik Kundel dkundel
PRO
0
300
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
240
AI Engineer World's Fair '24 - Cooking with Fire without
Avatar for Dominik Kundel dkundel
PRO
0
230
SIGNAL 2021 - Live Developer Mode
Avatar for Dominik Kundel dkundel
PRO
0
200
OpenJS World - What the AST?
Avatar for Dominik Kundel dkundel
PRO
0
490
WFHConf - Move to TypeScript at your own Pace
Avatar for Dominik Kundel dkundel
PRO
0
360
SFNode '20 - How to move your project to TypeScript
Avatar for Dominik Kundel dkundel
PRO
0
350
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
Avatar for Dominik Kundel dkundel
PRO
0
370

Other Decks in Programming

See All in Programming
Understanding Apache Lucene - More than just full-text search
Avatar for Alexander Reelsen spinscale
0
140
モダンOBSプラグイン開発
Avatar for Kaito Udagawa umireon
0
170
CSC307 Lecture 14
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
480
「効かない!」依存性注入(DI)を活用したAPI Platformのエラーハンドリング奮闘記
Avatar for Maki Hayashi mkmk884
0
160
PHP 7.4でもOpenTelemetryゼロコード計装がしたい! / PHPerKaigi 2026
Avatar for Arthur arthur1
1
360
AIに任せる範囲を安全に広げるためにやっていること
Avatar for Masashi Fukuzawa fukucheee
0
150
PHPのバージョンアップ時にも役立ったAST(2026年版)
Avatar for Atsushi Matsuo matsuo_atsushi
0
230
社内規程RAGの精度を73.3% → 100%に改善した話
Avatar for oharu121 oharu121
13
8.3k
PHPで TLSのプロトコルを実装してみる
Avatar for higaki higaki_program
0
370
Goの型安全性で実現する複数プロダクトの権限管理
Avatar for ishikawa-pro ishikawa_pro
2
900
Cyrius ーLinux非依存にコンテナをネイティブ実行する専用OSー
Avatar for n4mlz n4mlz
0
230
GC言語のWasm化とComponent Modelサポートの実践と課題 - Scalaの場合
Avatar for Rikito Taniguchi tanishiking
0
120

Featured

See All Featured
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
How Software Deployment tools have changed in the past 20 years
Avatar for Geshan Manandhar geshan
0
33k
Claude Code のすすめ
Avatar for schroneko schroneko
67
220k
The B2B funnel & how to create a winning content strategy
Avatar for Katarina Dahlin katarinadahlin
PRO
1
310
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
249
1.3M
The Mindset for Success: Future Career Progression
Avatar for Greg Gifford greggifford
PRO
0
280
Crafting Experiences
Avatar for Bethany Jepchumba bethany
1
92
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
463
34k
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
290
Speed Design
Avatar for Sergey Chernyshev sergeychernyshev
33
1.6k
First, design no harm
Avatar for Per Axbom axbom
PRO
2
1.1k
B2B Lead Gen: Tactics, Traps & Triumph
Avatar for Sophie Logan marketingsoph
0
84

Transcript

  1. Rogue Agents Stop AI from misusing APIs TechTalks SF -

    Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel

  2. Dominik Kundel | @dkundel

  3. console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel [email protected] github/dkundel

    Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel

  4. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  5. How can we have AI safely interact with APIs? Dominik

    Kundel | @dkundel

  6. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  7. Dominik Kundel | @dkundel How to connect AI to APIs

    Platforms Frameworks Native LLM Functions 🦜🔗

  8. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  9. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  10. What’s the problem? Dominik Kundel | @dkundel

  11. Dominik Kundel | @dkundel

  12. Dominik Kundel | @dkundel

  13. Unpredictable Dominik Kundel | @dkundel

  14. Dominik Kundel | @dkundel Easily Impressionable

  15. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  16. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  17. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  18. Dominik Kundel | @dkundel Rules are “suggestions”

  19. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  20. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  21. Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily

    Impressionable Rules “suggestions”

  22. Dominik Kundel | @dkundel

  23. How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel

  24. Dominik Kundel | @dkundel

  25. Dominik Kundel | @dkundel

  26. Dominik Kundel | @dkundel

  27. Dominik Kundel | @dkundel

  28. Dominik Kundel | @dkundel LLM

  29. Dominik Kundel | @dkundel

  30. Dominik Kundel | @dkundel

  31. Dominik Kundel | @dkundel

  32. Dominik Kundel | @dkundel

  33. Dominik Kundel | @dkundel LLM

  34. What security measures? Dominik Kundel | @dkundel

  35. Dominik Kundel | @dkundel Security Measures

  36. Dominik Kundel | @dkundel Security Measures Data Validation

  37. Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting

  38. Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate

    Limiting

  39. Dominik Kundel | @dkundel Security Measures

  40. Dominik Kundel | @dkundel Security Measures Authorization

  41. Dominik Kundel | @dkundel Security Measures Authorization Least Privilege

  42. Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi

    dential & unnecessary data Least Privilege

  43. Dominik Kundel | @dkundel Do threat modeling!

  44. Dominik Kundel | @dkundel Takeaways?

  45. Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?

  46. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways?

  47. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!

  48. console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel [email protected] github/dkundel

    d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |