Real-time AI agent cost gating system with budget enforcement and graceful degradation
Project description
mesh-cost-firewall
Real-time AI agent cost gating system that prevents budget overruns before they happen.
What is this?
mesh-cost-firewall is a cost control middleware that sits between your agent mesh and LLM APIs, automatically rejecting or rate-limiting requests that would breach per-agent, per-user, or global budget limits. Instead of discovering runaway costs in your billing dashboard, agents hit configurable spending ceilings and fail gracefully. Built for autonomous multi-agent systems where financial guardrails are essential.
Features
- Multi-level budget enforcement — Global, per-user, and per-agent cost caps
- Real-time cost estimation — Pre-request cost prediction before API calls
- Graceful rate limiting — Circuit breaker pattern for budget exhaustion
- LLM model awareness — Built-in pricing for GPT-4, Claude, and other major models
- Request interception — Transparent proxy layer between agents and APIs
- Configuration as code — YAML/env-based budget definitions
- Docker-native — Ships with Dockerfile and docker-compose for instant deployment
- Production-ready — Handles concurrent requests, persistent state, and monitoring hooks
Quick Start
Installation
# Clone and install
git clone <repo>
cd mesh-cost-firewall
pip install -e .
# Or with Docker
docker-compose up -d
Configuration
Create a .env file (see .env.example):
GLOBAL_BUDGET_CENTS=100000
DEFAULT_USER_BUDGET_CENTS=10000
DEFAULT_AGENT_BUDGET_CENTS=1000
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...
Basic Usage
from mesh_cost_firewall import CostFirewall
firewall = CostFirewall(config_path="config.yaml")
# Wrap your LLM call
result = firewall.request(
agent_id="researcher_1",
user_id="user_42",
model="gpt-4",
tokens=2000,
endpoint="https://api.openai.com/v1/chat/completions"
)
if result.allowed:
# Safe to proceed
response = call_llm_api(...)
else:
# Budget exhausted
logger.warning(f"Request rejected: {result.reason}")
Or use as an HTTP proxy:
export FIREWALL_PORT=8000
python -m mesh_cost_firewall.main
curl -X POST http://localhost:8000/v1/chat/completions \
-H "X-Agent-Id: researcher_1" \
-H "X-User-Id: user_42" \
-d '{"model": "gpt-4", ...}'
Tech Stack
- Python 3.9+ — Core runtime
- FastAPI — HTTP proxy and API
- Pydantic — Configuration validation
- APScheduler — Budget reset scheduling
- Docker — Containerization
- SQLite — Persistent state (upgradeable to Postgres)
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mesh_cost_firewall-0.1.0.tar.gz.
File metadata
- Download URL: mesh_cost_firewall-0.1.0.tar.gz
- Upload date:
- Size: 13.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0d978195c7a88bf32baa83b6c595c9ef3bbc3f5f99b3ea12d3291c223726a1de
|
|
| MD5 |
e265201eb252a91d82a4b45b920486b5
|
|
| BLAKE2b-256 |
aeecb0e4eb59192d094bcb87b8788048b31f15cbc955e47f17dec54c01abb47e
|
File details
Details for the file mesh_cost_firewall-0.1.0-py3-none-any.whl.
File metadata
- Download URL: mesh_cost_firewall-0.1.0-py3-none-any.whl
- Upload date:
- Size: 14.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9919049140a52e98e639db447cf01c68366f9eb9571f99d8213f1383afd6ab27
|
|
| MD5 |
3a3e02194de5f10d0c8ceb0163386f47
|
|
| BLAKE2b-256 |
1fa69e77a2ef901b1d9cc621ae65cd7672d378b791e1635e66a408cdca0d5abb
|
