Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Rogue Agents - Stop AI from misusing APIs
Search
Dominik Kundel
PRO
January 23, 2024
Programming
0
260
Rogue Agents - Stop AI from misusing APIs
Dominik Kundel
PRO
January 23, 2024
Tweet
Share
More Decks by Dominik Kundel
See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
59
AI for Marketers Sept '24 - How AI Agents will change your
dkundel
PRO
0
260
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
dkundel
PRO
0
200
AI Engineer World's Fair '24 - Cooking with Fire without
dkundel
PRO
0
210
SIGNAL 2021 - Live Developer Mode
dkundel
PRO
0
180
OpenJS World - What the AST?
dkundel
PRO
0
460
WFHConf - Move to TypeScript at your own Pace
dkundel
PRO
0
330
SFNode '20 - How to move your project to TypeScript
dkundel
PRO
0
340
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
dkundel
PRO
0
360
Other Decks in Programming
See All in Programming
bootcamp2025_バックエンド研修_WebAPIサーバ作成.pdf
geniee_inc
0
120
React Nativeならぬ"Vue Native"が実現するかも?_新世代マルチプラットフォーム開発フレームワークのLynxとLynxのVue.js対応を追ってみよう_Vue Lynx
yut0naga1_fa
1
140
「ちょっと古いから」って避けてた技術書、今だからこそ読もう
mottyzzz
12
7.1k
Go言語の特性を活かした公式MCP SDKの設計
hond0413
1
450
monorepo の Go テストをはやくした〜い!~最小の依存解決への道のり~ / faster-testing-of-monorepos
convto
2
530
理論と実務のギャップを超える
eycjur
0
170
Developer Joy - The New Paradigm
hollycummins
1
350
PHPに関数型の魂を宿す〜PHP 8.5 で実現する堅牢なコードとは〜 #phpcon_hiroshima / phpcon-hiroshima-2025
shogogg
1
320
Vueのバリデーション、結局どれを選べばいい? ― 自作バリデーションの限界と、脱却までの道のり ― / Which Vue Validation Library Should We Really Use? The Limits of Self-Made Validation and How I Finally Moved On
neginasu
2
460
登壇は dynamic! な営みである / speech is dynamic
da1chi
0
360
kiroとCodexで最高のSpec駆動開発を!!数時間で web3ネイティブなミニゲームを作ってみたよ!
mashharuki
0
860
XP, Testing and ninja testing ZOZ5
m_seki
3
810
Featured
See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
30
2.9k
The World Runs on Bad Software
bkeepers
PRO
72
11k
Docker and Python
trallard
46
3.6k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
34
2.5k
Leading Effective Engineering Teams in the AI Era
addyosmani
7
570
Code Reviewing Like a Champion
maltzj
526
40k
How to train your dragon (web standard)
notwaldorf
97
6.3k
4 Signs Your Business is Dying
shpigford
185
22k
Practical Orchestrator
shlominoach
190
11k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.7k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3k
Writing Fast Ruby
sferik
629
62k
Transcript
Rogue Agents Stop AI from misusing APIs TechTalks SF -
Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel
[email protected]
github/dkundel
Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
How can we have AI safely interact with APIs? Dominik
Kundel | @dkundel
How can we have AI interact with APIs? Dominik Kundel
| @dkundel
Dominik Kundel | @dkundel How to connect AI to APIs
Platforms Frameworks Native LLM Functions 🦜🔗
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗
Source: LangChain Documentation
What’s the problem? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Unpredictable Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Easily Impressionable
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:
what’s the worst that can happen?
Dominik Kundel | @dkundel Rules are “suggestions”
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections
explained
Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily
Impressionable Rules “suggestions”
Dominik Kundel | @dkundel
How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel
Dominik Kundel | @dkundel LLM
What security measures? Dominik Kundel | @dkundel
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Data Validation
Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting
Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate
Limiting
Dominik Kundel | @dkundel Security Measures
Dominik Kundel | @dkundel Security Measures Authorization
Dominik Kundel | @dkundel Security Measures Authorization Least Privilege
Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi
dential & unnecessary data Least Privilege
Dominik Kundel | @dkundel Do threat modeling!
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways?
Treat AI-exposed APIs as public Security mechanisms outside AI world
Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!
console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel
[email protected]
github/dkundel
d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |