Shadow Data in Tool Calls: The Privacy Leak Hiding in Plain Sight

Tuesday, June 02, 2026 - 3:00 pm – 3:05 pm

Shabista Shabista and Ravi Gupta, Independent; Mayank Kumar Raunak, Intel Corporation

"Run it locally and your data stays private." This assumption is dangerously wrong.

When an AI agent calls external tools—weather APIs, calendars, maps, search—the request itself leaks user data. A local agent asking "What's the weather at my doctor's office?" sends exact coordinates to a third party. The agent may be local, but your medical visit pattern isn't.

We are analyzing tool calls from a prototype smart home agent. Preliminary testing indicates that the majority leak personally identifiable or sensitive contextual information in the request parameters alone—before any response is processed. Location, health indicators, financial patterns, and relationship data routinely escape through tool call payloads.

This talk presents a working Tool Call Sanitizer deployed on a Raspberry Pi that intercepts, analyzes, and generalizes outbound requests in real time. We target a significant reduction in data leakage with minimal degradation in task utility. Privacy engineering must extend beyond the agent to the entire tool ecosystem.
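The intercept-analyze-generalize step the abstract describes, as an added example that is not the authors' Tool Call Sanitizer or any code from the talk: a small Python sanitizer sits between the agent and the tool, snaps exact coordinates to a coarse grid, truncates precise timestamps to the calendar date, redacts e-mail addresses and phone numbers in free-text arguments, and returns both the rewritten call and a list of findings so the leak can be measured before the request leaves the device. The argument names, the 0.05° grid, the detectors and the sample payload are assumptions constructed for illustration.

```python
"""
Illustrative tool-call sanitizer (added example, not the talk's own code).
A tool call is modelled as {"tool": name, "arguments": {...}}; the sanitizer
rewrites sensitive argument values to coarser ones before the call is sent.
"""
import copy
import json
import math
import re

# Degree grid for snapping coordinates (assumption). 0.05 deg is roughly 5 km
# in latitude: coarse enough to hide a specific building, still fine for weather.
COORD_GRID_DEG = 0.05

# Argument names treated as coordinates (assumption; adapt to your tool schemas).
COORD_KEYS = {"lat", "latitude", "lon", "lng", "longitude"}

# Value-level detectors for free-text arguments such as a search query.
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
PHONE_RE = re.compile(r"(?:\+?1[ -]?)?\(?\d{3}\)?[ -]?\d{3}[ -]?\d{4}\b")
ISO_TS_RE = re.compile(r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}(?::\d{2})?")


def snap_coordinate(value: float, grid: float = COORD_GRID_DEG) -> float:
    """Snap a coordinate to the centre of its grid cell, so every user in the
    same cell sends the tool the same value (a simple k-anonymity-style bucket)."""
    cell = math.floor(value / grid)
    return round((cell + 0.5) * grid, 6)


def generalize_timestamp(value: str) -> str:
    """Keep the calendar date, drop the time of day (the part that reveals an
    appointment slot)."""
    return value[:10]


def redact_text(value: str) -> str:
    """Replace contact identifiers embedded in free text with placeholders."""
    value = EMAIL_RE.sub("[email]", value)
    value = PHONE_RE.sub("[phone]", value)
    return value


def sanitize_call(call: dict) -> tuple[dict, list[dict]]:
    """Return (sanitized_call, findings). The input is not mutated. Each finding
    records the argument, which detector fired, and the before/after values."""
    out = copy.deepcopy(call)
    findings = []
    for key, value in call.get("arguments", {}).items():
        lowered = key.lower()
        if lowered in COORD_KEYS and isinstance(value, (int, float)):
            new, reason = snap_coordinate(float(value)), "exact_coordinate"
        elif isinstance(value, str) and ISO_TS_RE.match(value):
            new, reason = generalize_timestamp(value), "precise_timestamp"
        elif isinstance(value, str) and (EMAIL_RE.search(value) or PHONE_RE.search(value)):
            new, reason = redact_text(value), "contact_identifier"
        else:
            continue  # nothing sensitive recognised in this argument
        if new != value:
            out["arguments"][key] = new
            findings.append({"arg": key, "reason": reason, "before": value, "after": new})
    return out, findings


# Constructed sample payload (not captured from a real agent): the "weather at
# my doctor's office" request from the abstract, with an exact position and slot.
SAMPLE_CALL = {
    "tool": "get_weather",
    "arguments": {
        "lat": 37.38605,
        "lon": -122.08385,
        "when": "2026-06-02T09:30:00",
        "query": "weather near my appointment, confirm to jane.doe@example.com",
    },
}

if __name__ == "__main__":
    sanitized, findings = sanitize_call(SAMPLE_CALL)
    print(json.dumps(sanitized, indent=2))
    for f in findings:
        print(f"{f['arg']}: {f['reason']} {f['before']!r} -> {f['after']!r}")
```

The grid size is the utility knob: a 0.05° cell still yields a usable forecast, while a calendar or maps tool would need a different policy per argument, which is why the findings list reports what was changed rather than silently rewriting. Keys outside the recognised sets pass through untouched, so the same check that measures leakage on a corpus of recorded calls will also show which argument names still need a policy.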

Shabista is a Senior Software Engineer with over a decade of experience designing and delivering enterprise-grade software across healthcare, fintech, and HR technology. Her expertise spans end-to-end product development, from greenfield architecture and secure deployment systems to configurable integration frameworks serving thousands of customers. She is also actively pursuing research in areas such as LLM optimization, edge AI, and neural architecture search. She holds a Master's in Computer Science and brings a distinctive combination of production engineering rigor and applied research insight to her work.

Ravi Gupta is a Deep Learning Technical Lead specializing in accelerating AI model computations on large-scale GPU systems, with expertise spanning PyTorch, vLLM, and distributed inference frameworks. He holds a Master's in Computer Engineering from Purdue University, where his research focused on automated performance tuning of CUDA kernels using machine learning at Lawrence Livermore National Laboratory. With over a decade of industry experience, he has led teams in deploying scalable LLM inference and fine-tuning solutions, profiling multi-GPU and multi-node systems, and optimizing collective operations on supercomputing clusters. His work bridges high-performance computing and deep learning, driving efficient deployment of large language models across diverse hardware accelerators.

Mayank Kumar Raunak is an AI Framework Engineer at Intel Corporation, where he works on advancing AI frameworks and compiler technologies for high-performance machine learning systems. He leads efforts to enable JAX and XLA on Intel GPUs in collaboration with Google and has played a key role in delivering TensorFlow CPU Windows releases to the open-source community via PyPI. His work focuses on deep learning optimization, compiler improvements, and performance acceleration across CPU and GPU platforms using technologies such as oneDNN, XLA, and JAX.

Previously, he worked at Intel Labs on collaborative research projects with Princeton University, University College London, and Yale University, contributing to model interoperability standards and transformer-based language model optimization. His research background also includes computer vision, generative models, and speech verification systems, developed during his time as a Data Scientist at Indiana University.

BibTeX
@conference {317587,
author = {Shabista Shabista and Ravi Gupta and Mayank Kumar Raunak},
title = {Shadow Data in Tool Calls: The Privacy Leak Hiding in Plain Sight},
year = {2026},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = jun
}