Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Rogue Agents - Stop AI from misusing APIs
Search
Dominik Kundel
PRO
January 23, 2024
Programming
0
250
Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
PRO
January 23, 2024
Tweet
Share
More Decks by Dominik Kundel
See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
49
AI for Marketers Sept '24 - How AI Agents will change your
dkundel
PRO
0
240
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
190
AI Engineer World's Fair '24 - Cooking with Fire without
dkundel
PRO
0
210
SIGNAL 2021 - Live Developer Mode
dkundel
PRO
0
180
OpenJS World - What the AST?
dkundel
PRO
0
460
WFHConf - Move to TypeScript at your own Pace
dkundel
PRO
0
320
SFNode '20 - How to move your project to TypeScript
dkundel
PRO
0
330
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
dkundel
PRO
0
360
Other Decks in Programming
See All in Programming
なぜ今、Terraformの本を書いたのか? - 著者陣に聞く!『Terraformではじめる実践IaC』登壇資料
fufuhu
4
650
オホーツクでコミュニティを立ち上げた理由―地方出身プログラマの挑戦 / TechRAMEN 2025 Conference
lemonade_37
2
490
The State of Fluid (2025)
s2b
0
200
画像コンペでのベースラインモデルの育て方
tattaka
3
1.9k
LLMOpsのパフォーマンスを支える技術と現場で実践した改善
po3rin
8
980
令和最新版手のひらコンピュータ
koba789
14
8k
[FEConf 2025] 모노레포 절망편, 14개 레포로 부활하기까지 걸린 1년
mmmaxkim
0
990
Langfuseと歩む生成AI活用推進
licux
3
300
tool ディレクティブを導入してみた感想
sgash708
1
150
GUI操作LLMの最新動向: UI-TARSと関連論文紹介
kfujikawa
0
1k
大規模FlutterプロジェクトのCI実行時間を約8割削減した話
teamlab
PRO
0
490
🔨 小さなビルドシステムを作る
momeemt
1
490
Featured
See All Featured
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
131
19k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
110
20k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
890
Intergalactic Javascript Robots from Outer Space
tanoku
272
27k
Making the Leap to Tech Lead
cromwellryan
134
9.5k
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
Rails Girls Zürich Keynote
gr2m
95
14k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Being A Developer After 40
akosma
90
590k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
Statistics for Hackers
jakevdp
799
220k
Transcript
Rogue Agents Stop AI from misusing APIs TechTalks SF -
Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel
[email protected]
github/dkundel
Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
How can we have AI safely interact with APIs? Dominik
Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
Dominik Kundel | @dkundel How to connect AI to APIs
Platforms Frameworks Native LLM Functions 🦜🔗
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
What’s the problem? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Unpredictable Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Easily Impressionable
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Rules are “suggestions”
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily
Impressionable Rules “suggestions”
Dominik Kundel | @dkundel
How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
What security measures? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Data Validation
Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting
Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate
Limiting
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Authorization
Dominik Kundel | @dkundel Security Measures Authorization Least Privilege
Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi
dential & unnecessary data Least Privilege
Dominik Kundel | @dkundel Do threat modeling!
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!
console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel
[email protected]
github/dkundel
d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |