Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Rogue Agents - Stop AI from misusing APIs
Search
Dominik Kundel
January 23, 2024
Programming
0
210
Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
January 23, 2024
Tweet
Share
More Decks by Dominik Kundel
See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
0
14
AI for Marketers Sept '24 - How AI Agents will change your
dkundel
0
180
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
0
130
AI Engineer World's Fair '24 - Cooking with Fire without
dkundel
0
160
SIGNAL 2021 - Live Developer Mode
dkundel
0
160
OpenJS World - What the AST?
dkundel
0
430
WFHConf - Move to TypeScript at your own Pace
dkundel
0
300
SFNode '20 - How to move your project to TypeScript
dkundel
0
310
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
dkundel
0
340
Other Decks in Programming
See All in Programming
Grafana Cloudとソラカメ
devoc
0
180
Open source software: how to live long and go far
gaelvaroquaux
0
650
『GO』アプリ データ基盤のログ収集システムコスト削減
mot_techtalk
0
130
XStateを用いた堅牢なReact Components設計~複雑なClient Stateをシンプルに~ @React Tokyo ミートアップ #2
kfurusho
1
940
PHPのバージョンアップ時にも役立ったAST
matsuo_atsushi
0
170
CI改善もDatadogとともに
taumu
0
170
SpringBoot3.4の構造化ログ #kanjava
irof
3
1k
Java Webフレームワークの現状 / java web framework at burikaigi
kishida
9
2.2k
チームリードになって変わったこと
isaka1022
0
210
Djangoにおける複数ユーザー種別認証の設計アプローチ@DjangoCongress JP 2025
delhi09
PRO
4
380
Lottieアニメーションをカスタマイズしてみた
tahia910
0
130
AIの力でお手軽Chrome拡張機能作り
taiseiue
0
180
Featured
See All Featured
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
175
52k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
233
17k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
49
2.3k
Bash Introduction
62gerente
611
210k
Making Projects Easy
brettharned
116
6k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
100
18k
YesSQL, Process and Tooling at Scale
rocio
172
14k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Thoughts on Productivity
jonyablonski
69
4.5k
Practical Orchestrator
shlominoach
186
10k
A Tale of Four Properties
chriscoyier
158
23k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
45
9.4k
Transcript
Rogue Agents Stop AI from misusing APIs TechTalks SF -
Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel dkundel@twilio.com github/dkundel
Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
How can we have AI safely interact with APIs? Dominik
Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
Dominik Kundel | @dkundel How to connect AI to APIs
Platforms Frameworks Native LLM Functions 🦜🔗
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
What’s the problem? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Unpredictable Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Easily Impressionable
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Rules are “suggestions”
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily
Impressionable Rules “suggestions”
Dominik Kundel | @dkundel
How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
What security measures? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Data Validation
Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting
Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate
Limiting
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Authorization
Dominik Kundel | @dkundel Security Measures Authorization Least Privilege
Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi
dential & unnecessary data Least Privilege
Dominik Kundel | @dkundel Do threat modeling!
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!
console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel dkundel@twilio.com github/dkundel
d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |