Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
January 23, 2024
Transcript
Rogue Agents: Stop AI from misusing APIs
TechTalks SF, Jan ‘24
Dominik Kundel
d-k.im/rogue-agents
Dominik Kundel | @dkundel

console.log(` Hi! I’m Dominik Kundel `);
dkundel.com
@dkundel
[email protected]
github/dkundel
Product Lead @ Twilio && JavaScript Hacker

How can we have AI interact with APIs?

How can we have AI safely interact with APIs?

How to connect AI to APIs
- Platforms
- Frameworks
- Native LLM Functions 🦜🔗
Source: LangChain Documentation

What’s the problem?

Unpredictable

Easily Impressionable
Source: Simon Willison - Prompt Injections: what’s the worst that can happen?

Rules are “suggestions”
Source: Simon Willison - Prompt injections explained

The problems with LLMs
- Unpredictable
- Easily Impressionable
- Rules are “suggestions”

How do we “LLM-proof” our APIs?
(Architecture diagram slides; only the label “LLM” survives in the transcript.)

What security measures?

Security Measures
- Data Validation
- Rate Limiting
- Authentication
- Authorization
- Least Privilege
- Eliminate confidential & unnecessary data

Do threat modeling!

Takeaways?
- Treat AI-exposed APIs as public
- Security mechanisms outside AI world
- Toddler-proof your home API!
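The security measures and the “security mechanisms outside AI world” takeaway, applied to a single LLM tool call. This is an added example in JavaScript, not code from the talk; the tool name getOrderTool, the session and order shapes, the regex for order ids and the rate limits are all assumptions.

```javascript
// Added example (not from the talk): a defensive wrapper around one LLM
// "tool"/function call. The model's arguments are treated exactly like an
// untrusted public request: validated, rate limited, authorized against the
// human user's session, and the reply is stripped of confidential fields
// before it re-enters the model's context. All names/limits are hypothetical.

const WINDOW_MS = 60000;          // rate-limit window
const MAX_CALLS_PER_WINDOW = 5;   // calls a single user may make per window
const callLog = new Map();        // userId -> timestamps of recent calls

// Constructed sample backend data; "notes" is confidential and must never
// be returned to the model.
const ORDERS = {
  ord_1: { id: "ord_1", owner: "alice", total: 42.5, notes: "VIP, fraud flag cleared" },
  ord_2: { id: "ord_2", owner: "bob", total: 10, notes: "chargeback pending" },
};

// Data validation: the model may hallucinate, or be injected into sending,
// any string at all, so accept only the exact shape the tool expects.
function validateArgs(args) {
  if (typeof args !== "object" || args === null) throw new Error("args must be an object");
  const { orderId } = args;
  if (typeof orderId !== "string" || !/^ord_[a-z0-9]{1,16}$/.test(orderId)) {
    throw new Error("invalid orderId");
  }
  return { orderId };
}

// Rate limiting keyed on the authenticated human, not on the model or prompt.
function checkRateLimit(userId, now = Date.now()) {
  const recent = (callLog.get(userId) || []).filter((t) => now - t < WINDOW_MS);
  if (recent.length >= MAX_CALLS_PER_WINDOW) throw new Error("rate limited");
  recent.push(now);
  callLog.set(userId, recent);
}

// The tool the LLM is allowed to call. Authentication and authorization come
// from the user's session, so no instruction in the prompt can widen access.
function getOrderTool(session, rawArgs, now = Date.now()) {
  if (!session || !session.userId) throw new Error("unauthenticated");
  const { orderId } = validateArgs(rawArgs);
  checkRateLimit(session.userId, now);
  const order = ORDERS[orderId];
  // Least privilege: same error for "missing" and "not yours", so the model
  // cannot be used to probe which order ids exist.
  if (!order || order.owner !== session.userId) throw new Error("not found");
  // Eliminate confidential & unnecessary data before it reaches the LLM.
  return { id: order.id, total: order.total };
}
```

Because every check lives in the tool code rather than in the system prompt, it holds no matter what the model was told or tricked into asking for.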
console.log(` 💖 Thank You! 🎉 `);
dkundel.com
@dkundel
[email protected]
github/dkundel
d-k.im/rogue-agents