Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel Dominik Kundel
PRO
January 23, 2024
Programming
0
240

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel

Dominik Kundel
PRO

January 23, 2024
Tweet

More Decks by Dominik Kundel

See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
39
AI for Marketers Sept '24 - How AI Agents will change your
Avatar for Dominik Kundel dkundel
PRO
0
230
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
180
AI Engineer World's Fair '24 - Cooking with Fire without
Avatar for Dominik Kundel dkundel
PRO
0
200
SIGNAL 2021 - Live Developer Mode
Avatar for Dominik Kundel dkundel
PRO
0
170
OpenJS World - What the AST?
Avatar for Dominik Kundel dkundel
PRO
0
460
WFHConf - Move to TypeScript at your own Pace
Avatar for Dominik Kundel dkundel
PRO
0
320
SFNode '20 - How to move your project to TypeScript
Avatar for Dominik Kundel dkundel
PRO
0
330
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
Avatar for Dominik Kundel dkundel
PRO
0
360

Other Decks in Programming

See All in Programming
Modern Angular with Signals and Signal Store: New Rules for Your Architecture @enterJS Advanced Angular Day 2025
Avatar for Manfred Steyer manfredsteyer
PRO
0
240
The Modern View Layer Rails Deserves: A Vision For 2025 And Beyond @ RailsConf 2025, Philadelphia, PA
Avatar for Marco Roth marcoroth
2
670
レベル1の開発生産性向上に取り組む − 日々の作業の効率化・自動化を通じた改善活動
Avatar for kesoji kesoji
0
270
AI Agent 時代のソフトウェア開発を支える AWS Cloud Development Kit (CDK)
Avatar for Kenji Kono konokenj
5
650
20250628_非エンジニアがバイブコーディングしてみた
Avatar for ponponmikan ponponmikankan
0
710
AI時代の『改訂新版 良いコード/悪いコードで学ぶ設計入門』 / ai-good-code-bad-code
Avatar for MinoDriven minodriven
22
9k
GPUを計算資源として使おう!
Avatar for prime number primenumber
1
200
状態遷移図を書こう / Sequence Chart vs State Diagram
Avatar for Kuniwak orgachem
PRO
2
170
すべてのコンテキストを、 ユーザー価値に変える
Avatar for Michiru Kato applism118
4
1.4k
ニーリーにおけるプロダクトエンジニア
Avatar for Nealle nealle
0
890
Startups on Rails in Past, Present and Future–Irina Nazarova, RailsConf 2025
Avatar for Irina Nazarova irinanazarova
0
200
「テストは愚直&&網羅的に書くほどよい」という誤解 / Test Smarter, Not Harder
Avatar for Munetoshi Ishikawa munetoshi
0
190

Featured

See All Featured
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
54
11k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
299
21k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.4k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
31
8.7k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
130
19k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.5k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
367
19k
Gamification - CAS2011
Avatar for David Bonilla davidbonilla
81
5.4k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
790
250k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
110k
Designing Experiences People Love
Avatar for Jonathan Moore moore
142
24k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
1.9k

Transcript

  1. Rogue Agents Stop AI from misusing APIs TechTalks SF -

    Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel

  2. Dominik Kundel | @dkundel

  3. console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel [email protected] github/dkundel

    Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel

  4. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  5. How can we have AI safely interact with APIs? Dominik

    Kundel | @dkundel

  6. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  7. Dominik Kundel | @dkundel How to connect AI to APIs

    Platforms Frameworks Native LLM Functions 🦜🔗

  8. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  9. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  10. What’s the problem? Dominik Kundel | @dkundel

  11. Dominik Kundel | @dkundel

  12. Dominik Kundel | @dkundel

  13. Unpredictable Dominik Kundel | @dkundel

  14. Dominik Kundel | @dkundel Easily Impressionable

  15. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  16. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  17. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  18. Dominik Kundel | @dkundel Rules are “suggestions”

  19. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  20. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  21. Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily

    Impressionable Rules “suggestions”

  22. Dominik Kundel | @dkundel

  23. How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel

  24. Dominik Kundel | @dkundel

  25. Dominik Kundel | @dkundel

  26. Dominik Kundel | @dkundel

  27. Dominik Kundel | @dkundel

  28. Dominik Kundel | @dkundel LLM

  29. Dominik Kundel | @dkundel

  30. Dominik Kundel | @dkundel

  31. Dominik Kundel | @dkundel

  32. Dominik Kundel | @dkundel

  33. Dominik Kundel | @dkundel LLM

  34. What security measures? Dominik Kundel | @dkundel

  35. Dominik Kundel | @dkundel Security Measures

  36. Dominik Kundel | @dkundel Security Measures Data Validation

  37. Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting

  38. Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate

    Limiting

  39. Dominik Kundel | @dkundel Security Measures

  40. Dominik Kundel | @dkundel Security Measures Authorization

  41. Dominik Kundel | @dkundel Security Measures Authorization Least Privilege

  42. Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi

    dential & unnecessary data Least Privilege

  43. Dominik Kundel | @dkundel Do threat modeling!

  44. Dominik Kundel | @dkundel Takeaways?

  45. Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?

  46. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways?

  47. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!

  48. console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel [email protected] github/dkundel

    d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |