shopping-assistant: An AI-Powered Webshop Demo Exploring LLM Interactions

Summary

The `shopping-assistant` project is a Java-based webshop demo, 'Bizarre Bazaar', featuring an AI-powered shopping assistant. It explores various LLM interaction modes, from helpful guidance with state management and security guardrails to demonstrating prompt injection attacks and an unethical assistant. This educational application provides practical examples of integrating AI into e-commerce, highlighting both its potential and crucial security considerations.

Repository Info

Updated on October 11, 2025

Introduction

The shopping-assistant repository by LizeRaes presents "Bizarre Bazaar," a basic webshop demo powered by an AI shopping assistant. Developed in Java with Quarkus, this project serves as an educational tool to explore different facets of Large Language Model (LLM) integration in an e-commerce context. It demonstrates how AI can assist customers, manage conversational state, implement security measures against prompt injection, and even simulate unethical sales tactics, offering valuable insights into AI application development.

Installation

To get the shopping-assistant running, ensure you have Java 21 installed.

  1. Clone the repository: `git clone https://github.com/LizeRaes/shopping-assistant.git`
  2. Navigate into the project directory: `cd shopping-assistant`
  3. Make `mvnw` executable if necessary: `chmod +x mvnw`
  4. Launch the application in development mode: `./mvnw quarkus:dev` or `quarkus dev` (if Quarkus CLI is installed).

The application will typically be available at http://localhost:8080.

Examples

The shopping-assistant offers a rich set of examples, each demonstrating a specific aspect of AI assistant behavior and security. Here's a breakdown of the main modes:

1. Helpful Assistant with No State

  • What it is: A single LLM handles all step transitions and has access to all tools.
  • Demonstrates: High-quality LLMs can support simple workflows without explicit state management, though their behavior can be unpredictable.
  • Access: http://localhost:8080/helpful-assistant-no-state.html

2. Helpful Assistant with State

  • What it is: Different AI services are lined up in a state machine with a programmatically decided flow.
  • Demonstrates: How to manage state predictably and limit responsibilities/tool access for different AI services.
  • Access: http://localhost:8080/helpful-assistant.html

3. Helpful Assistant with Human Confirmation

  • What it is: The state machine from the previous version, with the addition that the user must confirm before an order is placed.
  • Demonstrates: How to incorporate a human-in-the-loop for critical decisions, costly procedures, or sensitive actions.
  • Access: http://localhost:8080/helpful-assistant-with-confirmation.html
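
The pattern behind modes 2 and 3, as an added example that is not code from the shopping-assistant repository: a state machine that exposes only an allowlisted set of tools per state and lets an order go through only on a user confirmation event. The class, state names and tool names are hypothetical.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;

public class GatedAssistantFlow {
    // Hypothetical states and tool names, chosen for illustration only.
    enum State { BROWSING, CART_REVIEW, AWAITING_CONFIRMATION, ORDER_PLACED }

    // Least privilege: each state exposes only the tools that step needs.
    // No state exposes an order-placing tool to the model.
    static final Map<State, Set<String>> ALLOWED_TOOLS = Map.of(
            State.BROWSING, Set.of("searchProducts", "addToCart", "reviewCart"),
            State.CART_REVIEW, Set.of("removeFromCart", "requestCheckout"),
            State.AWAITING_CONFIRMATION, Set.<String>of(),
            State.ORDER_PLACED, Set.<String>of());

    State state = State.BROWSING;
    final List<String> audit = new ArrayList<>();

    /** A tool call requested by the model; code decides, not the model. */
    boolean invokeTool(String tool) {
        boolean allowed = ALLOWED_TOOLS.get(state).contains(tool);
        audit.add((allowed ? "ALLOW " : "DENY  ") + tool + " in " + state);
        if (!allowed) return false;
        // Transitions are fixed in code, so the flow stays predictable.
        if (tool.equals("reviewCart")) state = State.CART_REVIEW;
        if (tool.equals("requestCheckout")) state = State.AWAITING_CONFIRMATION;
        return true;
    }

    /** Wired to a UI button press by the user, never to model output. */
    boolean userConfirms(boolean confirmed) {
        if (state != State.AWAITING_CONFIRMATION) return false;
        state = confirmed ? State.ORDER_PLACED : State.CART_REVIEW;
        audit.add("USER  " + (confirmed ? "confirmed" : "declined") + " order");
        return confirmed;
    }

    public static void main(String[] args) {
        GatedAssistantFlow flow = new GatedAssistantFlow();
        // Constructed sequence of tool calls a model might request.
        for (String tool : List.of("placeOrder", "addToCart", "reviewCart",
                "requestCheckout", "placeOrder")) {
            flow.invokeTool(tool);
        }
        flow.userConfirms(true);
        flow.audit.forEach(System.out::println);
        System.out.println("Final state: " + flow.state);
    }
}
```

Both `placeOrder` requests in the constructed sequence are denied and logged; the order reaches `ORDER_PLACED` only through `userConfirms(true)`.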

4. Helpful Assistant with Input Sanitization (Guardrails)

  • What it is: Adds input sanitization to protect against prompt and SQL injection.
  • Demonstrates: Implementing guardrails to secure your system from malicious inputs.
  • Launch: `quarkus dev -Dguarded=true`
  • Access: http://localhost:8080/helpful-assistant-with-confirmation.html

5. Helpful Assistant Getting Hacked by LLM

  • What it is: A simulated "hacker" LLM attempts to breach the system.
  • Demonstrates: The importance of robust security measures, as AI can also be used for attacks.
  • Launch: `quarkus dev -Dhacked=true`
  • Access: http://localhost:8080/helpful-assistant-with-confirmation.html

6. Helpful Assistant Interacting with an Uncensored Model

  • What it is: Similar to the hacker demo, but with an uncensored model attempting to buy illicit items.
  • Demonstrates: The behavior of uncensored models, primarily for fun and demonstration.
  • Launch: `quarkus dev -Dshouting=true`
  • Access: http://localhost:8080/helpful-assistant-with-confirmation.html

7. Unethical Capitalist Assistant

  • What it is: A helpful assistant that tries to maximize sales by tracking user profiles, offering more expensive products, and creating tailored descriptions.
  • Demonstrates: Interaction between two AI agents and the potential for AI to influence purchasing decisions.
  • Access: http://localhost:8080/unethical-assistant.html

Why use it

This repository is an excellent resource for developers and AI enthusiasts interested in practical LLM applications. It provides hands-on examples for:

  • Integrating LLMs into web applications using Java and Quarkus.
  • Managing conversational state in AI assistants.
  • Implementing security guardrails against prompt injection and other vulnerabilities.
  • Understanding the ethical implications and potential for AI misuse.
  • Exploring agent-to-agent interaction and personalized user experiences.

It's a valuable educational tool for anyone looking to build robust and secure AI-powered systems.
