Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel Dominik Kundel PRO
January 23, 2024
Programming
0
260

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel

Dominik Kundel PRO

January 23, 2024
Tweet

More Decks by Dominik Kundel

See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
57
AI for Marketers Sept '24 - How AI Agents will change your
Avatar for Dominik Kundel dkundel
PRO
0
250
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
200
AI Engineer World's Fair '24 - Cooking with Fire without
Avatar for Dominik Kundel dkundel
PRO
0
210
SIGNAL 2021 - Live Developer Mode
Avatar for Dominik Kundel dkundel
PRO
0
180
OpenJS World - What the AST?
Avatar for Dominik Kundel dkundel
PRO
0
460
WFHConf - Move to TypeScript at your own Pace
Avatar for Dominik Kundel dkundel
PRO
0
330
SFNode '20 - How to move your project to TypeScript
Avatar for Dominik Kundel dkundel
PRO
0
340
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
Avatar for Dominik Kundel dkundel
PRO
0
360

Other Decks in Programming

See All in Programming
生成AIを活用した初学者向けPython講座
Avatar for Soogie soogie
1
140
エンジニアとして高みを目指す、 利益を生み出す設計の考え方 / design-for-profit
Avatar for MinoDriven minodriven
23
11k
そのpreloadは必要?見過ごされたpreloadが技術的負債として爆発した日
Avatar for mugi mugitti9
2
2.6k
AIで開発生産性を上げる個人とチームの取り組み
Avatar for TaniiGo taniigo
0
130
Model Pollution
Avatar for Henning Schwentner hschwentner
1
180
私はどうやって技術力を上げたのか
Avatar for Yusuke Wada yusukebe
42
17k
iOS 17で追加されたSubscriptionStoreView を利用して5分でサブスク実装チャレンジ
Avatar for Atsuya Sato natmark
0
430
CSC305 Lecture 02
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
260
iOSDC.pdf
Avatar for ビスター chronos2500
2
640
Let's Write a Train Tracking Algorithm
Avatar for Chris Trott twocentstudios
0
220
ポスターセッション: 「まっすぐ行って、右!」って言ってラズパイカーを動かしたい 〜生成AI × Raspberry Pi Pico × Gradioの試作メモ〜
Avatar for komo_fr komofr
0
810
高度なUI/UXこそHotwireで作ろう Kaigi on Rails 2025
Avatar for Naofumi Kagami naofumi
4
2.5k

Featured

See All Featured
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
54
11k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
114
20k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
431
66k
A better future with KSS
Avatar for Kyle Neath kneath
239
17k
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
57
5.9k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
15k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
285
14k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
33
8.8k
Side Projects
Avatar for Sacha Greif sachag
455
43k
The Language of Interfaces
Avatar for Des Traynor destraynor
162
25k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
53
9k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.4k

Transcript

  1. Rogue Agents Stop AI from misusing APIs TechTalks SF -

    Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel

  2. Dominik Kundel | @dkundel

  3. console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel [email protected] github/dkundel

    Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel

  4. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  5. How can we have AI safely interact with APIs? Dominik

    Kundel | @dkundel

  6. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  7. Dominik Kundel | @dkundel How to connect AI to APIs

    Platforms Frameworks Native LLM Functions 🦜🔗

  8. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  9. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  10. What’s the problem? Dominik Kundel | @dkundel

  11. Dominik Kundel | @dkundel

  12. Dominik Kundel | @dkundel

  13. Unpredictable Dominik Kundel | @dkundel

  14. Dominik Kundel | @dkundel Easily Impressionable

  15. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  16. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  17. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  18. Dominik Kundel | @dkundel Rules are “suggestions”

  19. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  20. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  21. Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily

    Impressionable Rules “suggestions”

  22. Dominik Kundel | @dkundel

  23. How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel

  24. Dominik Kundel | @dkundel

  25. Dominik Kundel | @dkundel

  26. Dominik Kundel | @dkundel

  27. Dominik Kundel | @dkundel

  28. Dominik Kundel | @dkundel LLM

  29. Dominik Kundel | @dkundel

  30. Dominik Kundel | @dkundel

  31. Dominik Kundel | @dkundel

  32. Dominik Kundel | @dkundel

  33. Dominik Kundel | @dkundel LLM

  34. What security measures? Dominik Kundel | @dkundel

  35. Dominik Kundel | @dkundel Security Measures

  36. Dominik Kundel | @dkundel Security Measures Data Validation

  37. Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting

  38. Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate

    Limiting

  39. Dominik Kundel | @dkundel Security Measures

  40. Dominik Kundel | @dkundel Security Measures Authorization

  41. Dominik Kundel | @dkundel Security Measures Authorization Least Privilege

  42. Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi

    dential & unnecessary data Least Privilege

  43. Dominik Kundel | @dkundel Do threat modeling!

  44. Dominik Kundel | @dkundel Takeaways?

  45. Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?

  46. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways?

  47. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!

  48. console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel [email protected] github/dkundel

    d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |