aidos | 2 months ago

> No model should ever know Jon Snow’s phone number from a SaaS service, but this approach allows this sort of retrieval.

This reads to me like they think that the response from the tool doesn’t go back to the LLM.

I’ve not worked with tools but my understanding is that they’re a way to allow the LLM to request additional data from the client. Once the client executes the requested function, that response data then goes to the LLM to be further processed into a final response.

simonw|2 months ago

I was confused by that too. I think I've figured it out.

They're saying that a public LLM won't know the email address of Jon Snow, but they still want to be able to answer questions about their private SaaS data which DOES know that.

Then they describe building a typical tool-based LLM system where the model can run searches against private data and round-trip the results through the model to generate chat responses.

They're relying on the AI labs to keep their promises about not training on data from paying API customers. I think that's a safe bet, personally.

aidos|2 months ago

Makes sense. I agree that it’s probably a safe bet too. Not sure how customers would feel about it though.

It’s also funny how these tools push people into patterns by accident. You’d never consider sending a customer’s details to a 3rd party for them just to send them back, right? And there’s nothing stopping someone from just working more directly with the tool call response themselves but the libraries are set up so you lean into the LLM more than is required (I know you more than anyone appreciate that the value they add here is parsing the fuzzy instruction into a tool call - not the call itself).

timrogers|2 months ago

That would be the normal pattern. But you could certainly stop after the LLM picks the tool and provides the arguments, and not present the result back to the model.
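
The two flows discussed in this thread, as an added example that is not part of any comment above: a client-side dispatcher that either round-trips tool results through the model or stops once the model has chosen the tool and arguments. The contact data, the `search_contacts` tool and the tool-call message are constructed for illustration and do not follow any particular vendor's API.

```python
import json

# Constructed private SaaS data (sample values, not from the thread).
CONTACTS = [
    {"name": "Jon Snow", "email": "jon@example.test", "phone": "+1-555-0100"},
    {"name": "Arya Stark", "email": "arya@example.test", "phone": "+1-555-0101"},
]

def search_contacts(name):
    """Hypothetical tool: case-insensitive substring match on local data."""
    return [c for c in CONTACTS if name.lower() in c["name"].lower()]

# Allow-list of tools the model may request, with expected argument names.
TOOLS = {"search_contacts": (search_contacts, {"name"})}

def dispatch(tool_call, round_trip=False):
    """Run a model-requested tool call on the client side.

    Returns (user_view, model_view). user_view is rendered straight to the
    user. model_view is the only thing that would be sent to the LLM
    provider: the full rows when round_trip=True (the usual pattern), or a
    row count with no field values when round_trip=False.
    """
    name = tool_call.get("name")
    if name not in TOOLS:
        raise ValueError(f"unknown tool: {name!r}")
    func, allowed = TOOLS[name]
    args = json.loads(tool_call["arguments"])
    if not isinstance(args, dict) or set(args) != allowed:
        raise ValueError(f"unexpected arguments for {name}: {args!r}")
    if not all(isinstance(v, str) for v in args.values()):
        raise ValueError("argument values must be strings")
    rows = func(**args)
    user_view = rows
    model_view = rows if round_trip else {"tool": name, "row_count": len(rows)}
    return user_view, model_view

# Constructed stand-in for what a model emits after parsing
# "what's Jon Snow's phone number?" into a tool call.
MODEL_TOOL_CALL = {"name": "search_contacts", "arguments": '{"name": "jon snow"}'}

if __name__ == "__main__":
    shown, sent = dispatch(MODEL_TOOL_CALL)
    print("shown to user:", shown)
    print("sent to model:", json.dumps(sent))
```

With `round_trip=False` the provider still sees the user's question and the tool arguments it produced, only the retrieved rows stay on the client.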