Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Rogue Agents - Stop AI from misusing APIs
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Dominik Kundel
PRO
January 23, 2024
Programming
310
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
PRO
January 23, 2024
More Decks by Dominik Kundel
See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
110
AI for Marketers Sept '24 - How AI Agents will change your
dkundel
PRO
0
330
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
260
AI Engineer World's Fair '24 - Cooking with Fire without
dkundel
PRO
0
260
SIGNAL 2021 - Live Developer Mode
dkundel
PRO
0
220
OpenJS World - What the AST?
dkundel
PRO
0
530
WFHConf - Move to TypeScript at your own Pace
dkundel
PRO
0
370
SFNode '20 - How to move your project to TypeScript
dkundel
PRO
0
370
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
dkundel
PRO
0
380
Other Decks in Programming
See All in Programming
不変条件と整合性境界—ビジネスが決める設計判断と実現パターン / Invariants and Consistency Boundaries
nrslib
14
5.9k
Make SRE Operations Easier with Azure SRE Agent
kkamegawa
0
8.7k
Hunting Vulnerabilities in Symfony with LLMs
vinceamstoutz
0
560
さぁV100、メモリをお食べ・・・
nilpe
0
160
jQueryをバージョンアップする前に使いたいjQuery Migrate
matsuo_atsushi
0
600
鹿野さんに聞く!『TypeScriptコードレシピ集』で磨く実践力
tonkotsuboy_com
4
870
AIキャラアプリkaiwaの低遅延音声通話基盤をどう作ったか - AWS Gravitonで支える低遅延・低コストAI Agent基盤
mogamit
0
120
決定論的オーケストレーションの設計と実装 / Design and Implementation of Deterministic Orchestration
nrslib
4
1.5k
Skillsは効率化、Agentsは"自分の拡張"——Builder時代のエージェント編成(CC Night 2026)
wemra
1
170
Creating Composable Callables in Contemporary C++
rollbear
0
170
例外の正しい扱い方 そのエラー try-catchして大丈夫?
jinwatanabe
0
290
軽量Java基盤の設計 DIコンテナに頼らない、長期保守と1秒起動の実現 JJUG CCC 2026 Spring
macha64
0
600
Featured
See All Featured
What does AI have to do with Human Rights?
axbom
PRO
1
2.2k
Building the Perfect Custom Keyboard
takai
2
800
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
szymonslowik
1
1.1k
Product Roadmaps are Hard
iamctodd
PRO
55
12k
Redefining SEO in the New Era of Traffic Generation
szymonslowik
1
350
The SEO Collaboration Effect
kristinabergwall1
1
490
The Cult of Friendly URLs
andyhume
79
6.9k
<Decoding/> the Language of Devs - We Love SEO 2024
nikkihalliwell
1
260
Utilizing Notion as your number one productivity tool
mfonobong
4
330
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
65
56k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
118
120k
Discover your Explorer Soul
emna__ayadi
2
1.1k
Transcript
Rogue Agents Stop AI from misusing APIs TechTalks SF -
Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel
[email protected]
github/dkundel
Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
How can we have AI safely interact with APIs? Dominik
Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
Dominik Kundel | @dkundel How to connect AI to APIs
Platforms Frameworks Native LLM Functions 🦜🔗
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
What’s the problem? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Unpredictable Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Easily Impressionable
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Rules are “suggestions”
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily
Impressionable Rules “suggestions”
Dominik Kundel | @dkundel
How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
What security measures? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Data Validation
Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting
Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate
Limiting
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Authorization
Dominik Kundel | @dkundel Security Measures Authorization Least Privilege
Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi
dential & unnecessary data Least Privilege
Dominik Kundel | @dkundel Do threat modeling!
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!
console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel
[email protected]
github/dkundel
d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |