Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel Dominik Kundel PRO
January 23, 2024
Programming
300
0

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel

Dominik Kundel PRO

January 23, 2024

More Decks by Dominik Kundel

See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
110
AI for Marketers Sept '24 - How AI Agents will change your
Avatar for Dominik Kundel dkundel
PRO
0
320
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
260
AI Engineer World's Fair '24 - Cooking with Fire without
Avatar for Dominik Kundel dkundel
PRO
0
250
SIGNAL 2021 - Live Developer Mode
Avatar for Dominik Kundel dkundel
PRO
0
210
OpenJS World - What the AST?
Avatar for Dominik Kundel dkundel
PRO
0
520
WFHConf - Move to TypeScript at your own Pace
Avatar for Dominik Kundel dkundel
PRO
0
370
SFNode '20 - How to move your project to TypeScript
Avatar for Dominik Kundel dkundel
PRO
0
370
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
Avatar for Dominik Kundel dkundel
PRO
0
380

Other Decks in Programming

See All in Programming
oxlintはeslint/typescript-eslintを置き換えられるのか
Avatar for shoma-fujita shomafujita
2
320
ふつうのFeature Flag実践入門
Avatar for irof irof
7
3.6k
プラグインで拡張される Context をtype-safe にする難しさと設計判断
Avatar for kazupon kazupon
2
590
These Five Tricks Can Make Your Apps Greener, Cheaper, & Nicer
Avatar for Holly Cummins hollycummins
0
270
OSもどきOS
Avatar for Sora Arakawa arkw
0
450
LLM本来の能力を解き放つサンドボックス技術とAI民主化への適用
Avatar for Yuku Kotani yukukotani
3
2.8k
技術記事、AIに書かせるか、自分で書くか? 〜それでも私が自分の手で書く理由〜 / #QiitaConference
Avatar for Junichi Ito jnchito
2
1.3k
Old Dog, New Tricks: The Java 25 Reinvention - JNation
Avatar for A N M Bazlur Rahman bazlur_rahman
0
140
Semantic Version 単位で戦略を柔軟に変えて、パッケージアップデートを自動化する
Avatar for daitasu daitasu
0
140
Javaの型とAI時代に型が大事な理由 / java types and type in AI era
Avatar for Naoki Kishida kishida
2
110
Claspは野良GASの夢をみるか
Avatar for てらうちたかし takter00
0
170
CSC307 Lecture 17
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
310

Featured

See All Featured
Paper Plane
Avatar for Katie Cordina Lindsey katiecoart
PRO
1
51k
[SF Ruby Conf 2025] Rails X
Avatar for Vladimir Dementyev palkan
2
1.1k
Claude Code のすすめ
Avatar for schroneko schroneko
67
230k
Visual Storytelling: How to be a Superhuman Communicator
Avatar for David Neal reverentgeek
2
550
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
Exploring anti-patterns in Rails
Avatar for Elle Meredith aemeredith
3
390
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
Avatar for Sophie Logan marketingsoph
0
160
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
330
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
2k
Reality Check: Gamification 10 Years Later
Avatar for Sebastian Deterding codingconduct
0
2.2k
How People are Using Generative and Agentic AI to Supercharge Their Products, Projects, Services and Value Streams Today
Avatar for Helen Beal helenjbeal
1
200
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
4k

Transcript

  1. Rogue Agents Stop AI from misusing APIs TechTalks SF -

    Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel

  2. Dominik Kundel | @dkundel

  3. console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel [email protected] github/dkundel

    Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel

  4. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  5. How can we have AI safely interact with APIs? Dominik

    Kundel | @dkundel

  6. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  7. Dominik Kundel | @dkundel How to connect AI to APIs

    Platforms Frameworks Native LLM Functions 🦜🔗

  8. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  9. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  10. What’s the problem? Dominik Kundel | @dkundel

  11. Dominik Kundel | @dkundel

  12. Dominik Kundel | @dkundel

  13. Unpredictable Dominik Kundel | @dkundel

  14. Dominik Kundel | @dkundel Easily Impressionable

  15. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  16. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  17. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  18. Dominik Kundel | @dkundel Rules are “suggestions”

  19. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  20. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  21. Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily

    Impressionable Rules “suggestions”

  22. Dominik Kundel | @dkundel

  23. How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel

  24. Dominik Kundel | @dkundel

  25. Dominik Kundel | @dkundel

  26. Dominik Kundel | @dkundel

  27. Dominik Kundel | @dkundel

  28. Dominik Kundel | @dkundel LLM

  29. Dominik Kundel | @dkundel

  30. Dominik Kundel | @dkundel

  31. Dominik Kundel | @dkundel

  32. Dominik Kundel | @dkundel

  33. Dominik Kundel | @dkundel LLM

  34. What security measures? Dominik Kundel | @dkundel

  35. Dominik Kundel | @dkundel Security Measures

  36. Dominik Kundel | @dkundel Security Measures Data Validation

  37. Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting

  38. Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate

    Limiting

  39. Dominik Kundel | @dkundel Security Measures

  40. Dominik Kundel | @dkundel Security Measures Authorization

  41. Dominik Kundel | @dkundel Security Measures Authorization Least Privilege

  42. Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi

    dential & unnecessary data Least Privilege

  43. Dominik Kundel | @dkundel Do threat modeling!

  44. Dominik Kundel | @dkundel Takeaways?

  45. Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?

  46. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways?

  47. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!

  48. console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel [email protected] github/dkundel

    d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |