Otto AI FAQs

Who has access to Ask Otto?

Once enabled by the Global Admin for a zone, any users with Zone Administrator or Zone Operator can access Ask Otto.

Can I disable Ask Otto after it is enabled

Not at this time.

Is Otto AI expected to be able to evaluate the code in an existing worklet without having to put the actual code into the prompt?

No, for security reasons we don’t automatically send worklet contents through Otto AI.

Is Otto AI using data from Automox to help formulate its response?

No, Otto AI is operating on the training data incorporated in OpenAI’s models.

What is the architecture for how Otto AI is connecting to ChatGPT?

Otto AI connects to ChatGPT over HTTPS. User input and session identifiers are shared, and this can include historical input from the user as well.

What happens to data entered into Otto AI? Is there anything else or anywhere else data sharing is happening?

Data is sent to ChatGPT and stored on Automox infrastructure to facilitate providing the Ask Otto feature.

How do I know that the code generated by Otto AI is good and not malicious?

You don’t. Otto AI is a copilot assistant, and while there are soft guard rails in place to prevent things like deleting System files, we shouldn’t assume they are going to work all the time. There is no data post-processing of response returned by ChatGPT. Code parts wrapped in markdown code blocks are automatically pasted into the editor.

What if ChatGPT gets compromised?  What is the exposure of my data / infrastructure?

Data from the last 30 days is retained by OpenAI. User input in that period of time would be exposed via an OpenAI compromise if that dataset was impacted as part of the breach. From OpenAI:

OpenAI retains API data for 30 days for abuse and misuse monitoring purposes. A limited number of authorized OpenAI employees, as well as specialized third-party contractors that are subject to confidentiality and security obligations, can access this data solely to investigate and verify suspected abuse. OpenAI may still have content classifiers flag when data is suspected to contain platform abuse. Data submitted by the user through the Files endpoint, for instance to fine-tune a model, is retained until the user deletes the file.

https://openai.com/policies/api-data-usage-policies

What happens if an Otto AI generated script breaks something in my environment?

Output from Otto AI should be validated prior to execution on a device. Refer to the agreement that all Otto AI users must accept prior to usage:

The Otto AI interface allows your users to access OpenAI’s ChatGPT through the Automox console to suggest Worklet scripts. Use of Otto AI will comply with the OpenAI Terms of Use.

Input to Otto AI is not confidential. Do not include any personal data or proprietary information. Output from Otto AI is Third Party Content for purposes of your agreement with Automox, and it may be subject to third-party licenses, including open source licenses.

The Output is available “AS IS” without warranty or support by Automox or OpenAI. If you do not want to enable Otto AI for your organization, please select “Close.”