Simon A.T. Jiménez

Command and Conquer: How we let an LLM control our Software

Treat your LLM as an extremely unreliable API. Here's how to build the harness of validation, user approval, and cost controls to use it safely.

Command and Conquer: How we let an LLM control our Software
#1about 2 minutes

Using an LLM as a command pattern for software control

The core concept is to use a large language model to generate and execute commands within an application, with a human always in the loop for safety.

#2about 4 minutes

Evolving from a custom model to a multi-provider architecture

The journey began with a proprietary model before shifting to GPT-3.5 and building a vendor-agnostic layer to support providers like Azure OpenAI for data residency.

#3about 4 minutes

Managing API inconsistencies across different LLM providers

Different LLM providers implement the OpenAI standard inconsistently, requiring model-specific feature flags and custom logic to handle variations in JSON strict mode.

#4about 3 minutes

Building robust parsers for unreliable LLM JSON output

To handle chatty or malformed LLM responses, a custom parser was built to find and extract the first valid JSON block before attempting validation.

#5about 5 minutes

Implementing cost controls after an unexpected usage spike

A customer syncing their entire Confluence knowledge base led to a massive, unexpected bill, forcing the implementation of token limits and a user-facing credit system.

#6about 4 minutes

Enabling custom endpoints for enterprise data security

To meet enterprise security and data residency requirements, customers can configure their own LLM endpoints, ensuring their data never leaves their environment.

#7about 5 minutes

Designing a safe human-in-the-loop interaction model

The system proposes operations for human approval rather than executing them directly, providing a safety harness to prevent unintended actions like data deletion.

#8about 2 minutes

Using a plan and fulfill pattern to improve reliability

Complex tasks are broken down into a two-step process where one LLM first creates a plan and subsequent, focused LLM calls execute each item individually.

#9about 2 minutes

How to test non-deterministic AI-driven features effectively

Instead of testing for exact output, tests validate the intent of the LLM's action and are designed to pass if they succeed a majority of the time.

#10about 2 minutes

Offering prompt customization and automated GDPR compliance checks

A control plane allows enterprise customers to customize system prompts for their specific needs, and a research project explored using specialized prompts for automated GDPR reviews.

#11about 4 minutes

Key lessons learned from building with large language models

Treat LLMs as unreliable APIs, always validate their output, manage costs proactively, avoid vendor lock-in, and keep a human in the loop for all critical operations.

Related jobs
Jobs that call for the skills explored in this talk.

Featured Partners

Related Articles

View all articles

From learning to earning

Jobs that call for the skills explored in this talk.